gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: gfwleak:20-05dev
Branches Tags
gfwleak:master gfwleak:develop gfwleak:20-06dev gfwleak:deploy gfwleak:20-05dev gfwleak:20-04dev gfwleak:patch-2 gfwleak:patch-1
..
compare: gfwleak:patch-1
Branches Tags
gfwleak:develop gfwleak:20-06dev gfwleak:deploy gfwleak:20-05dev gfwleak:20-04dev gfwleak:patch-2 gfwleak:patch-1 gfwleak:master

1 Commits
20-05dev ... patch-1

Author SHA1 Message Date
朱明明
84fd39418d 添加获取操作系统关键字和修改ftp登录 2020-04-14 17:19:18 +08:00
313 changed files with 27606 additions and 40928 deletions
Expand all files Collapse all files

0
01-TestCase/tsg_adc/api_proxy/.gitkeep
View File

345
01-TestCase/tsg_adc/api_proxy/AllowHttpTests.robot
View File

@@ -1,345 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Proxy_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Allow-Http-00001
[Tags] Allow IP FQDN DENY HTTP pxy_manipulation
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#创建对象FQDN
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_sinovision","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*www.sinovision.net"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建对象 URL
${rescodeip} ${object_URL_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ls_sinovision","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["sinovision"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
#${objectids} set Variable ${object_FQDN_Id},${object_URL_Id}
#创建对象 UA
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ua_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_UA_Id}
#${objectids} set Variable ${object_FQDN_Id},${object_URL_Id},${object_UA_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建对象 SC
${rescodeip} ${object_SC_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_sin_sc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["oKD0_802a"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_SC_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SC_Id}
#${objectids} set Variable ${object_FQDN_Id},${object_URL_Id},${object_UA_Id},${object_SC_Id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建 Deny 管控搭配Allow
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Deny-Http-00001","policyType":"pxy_manipulation","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"block","message":"404","code":404,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Deny-Http-00001","policyType":"pxy_manipulation","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"block","message":"404","code":404,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Deny-Http-00001","policyType":"pxy_manipulation","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"block","message":"404","code":404,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
log ${addPolicyStr}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1} ${policyIds2}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Allow-Http-00001","policyType":"pxy_manipulation","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"allow","protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Allow-Http-00001","policyType":"pxy_manipulation","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"allow","protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Allow-Http-00001","policyType":"pxy_manipulation","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"allow","protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
${starttime} Get Time
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${commandreturn} OperatingSystem.Run curl -I \ -m \ 10 \ -o \ /dev/null \ -s \ -w \ \ \%{http_code} \ \ http://www.icbc.com.cn
should contain ${commandreturn} 000
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host icbc
ProxyPolicy-allow-http-00002
[Tags] allow http IP+cat+url+请求UA+应答CT
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_ss", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_ss", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.sinovision.net" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":[ {"policyId":"","isValid":1,"policyName":"SecurityPolicy-Intercept-Https-00001", "policyType":"tsg_security", "action":"intercept","userTags":"", "doBlacklist":0, "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add", "returnData":1, "policyList":[ {"policyId":"","isValid":1, "policyName":"SecurityPolicy-Intercept-Https-00001","policyType":"tsg_security", "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable {"opAction":"add","returnData":1,"policyList":[ {"policyId":"","isValid":1,"policyName":"SecurityPolicy-Intercept-Https-00001", "policyType":"tsg_security", "action":"intercept","userTags":"", "doBlacklist":0, "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_ss", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_ss", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "sinovision" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#${objectids} set Variable ${object_FQDN_Id},${object_url_Id}
#创建UA对象
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_UA","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
#${objectids} set Variable ${object_FQDN_Id},${object_url_Id},${object_UA_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建CT对象
${rescodeip} ${object_CT_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CT","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
#${objectids} set Variable ${object_FQDN_Id},${object_url_Id},${object_UA_Id},${object_CT_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
#创建allow策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
#创建Redirect策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.vip.com/", "code": "302",\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.vip.com/", "code": "302",\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.vip.com/", "code": "302",\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId4} AddPolicy ${addPolicyStr}
log ${policyId4}
${policyId5} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId4},${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId5}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_http00002.bat
... ELSE curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://www.sinovision.net/portal.php?mod=center
${stringlist} Create List 美国中文网
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.sinovision.net
ProxyPolicy-allow-http-00003
[Tags] allow http IP+cat+url+请求CK+应答SK
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*zhu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "xiao" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建ck对象
${rescodeip} ${object_CK_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CK","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["collina"],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_Id}
#创建SK对象
${rescodeip} ${object_SK_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_SK","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["domain=.xiaozhu.com"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id}
#创建allow策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-Http-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow",\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SK_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-Http-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow",\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SK_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
#创建hijack策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-Http-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile":165, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SK_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-Http-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile":165, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SK_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-Http-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile":165, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SK_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId4} AddPolicy ${addPolicyStr}
log ${policyId4}
${policyId5} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3},${policyId4}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId5}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_http00003.bat
... ELSE set variable curl --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' http://www.xiaozhu.com
${stringlist} Create List 支付系统
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host xiaozhu.com
ProxyPolicy-allow-http-00005
[Tags] allow http fqdn+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_cb", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_cb", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.ccb.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ]"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ]"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_cb", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_cb", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "ccb.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建allow策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-http-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow",\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-http-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow",\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-http-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow",\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
#创建replace策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-replace-http-00005","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_resp_body","find":"龙支付","replace_with":"1584529953926"}],"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_url_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-replace-http-00005","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_resp_body","find":"龙支付","replace_with":"1584529953926"}],"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_url_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-replace-http-00005","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_resp_body","find":"龙支付","replace_with":"1584529953926"}],"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_url_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
${rescode} ${policyId4} AddPolicy ${addPolicyStr}
log ${policyId4}
${policyId5} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3},${policyId4}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId5}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_http00005.bat
... ELSE set variable curl -kv http://www.ccb.com/cn/home/indexv3.html
${stringlist} Create List 电子银行开通
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.ccb.com
roxyPolicy-allow-http-00008
[Tags] allow IP+FQDN+UA+SK+URL http
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_ss", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_ss", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.sinovision.net" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_ss", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_ss", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "sinovision" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建UA对象
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_UA","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建sk对象
${rescodeip} ${object_SK_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_SK","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["oKD0_802a"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id}
#创建allow策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-Http-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_sk_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-Http-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_sk_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-Http-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_sk_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
#创建Redirect策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Http-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.vip.com/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_sk_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Http-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.vip.com/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_sk_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Http-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.vip.com/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_sk_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId4} AddPolicy ${addPolicyStr}
log ${policyId4}
${policyId5} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3},${policyId4}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId5}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_allow_ssl00008.bat
... ELSE set variable curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://www.sinovision.net/
${stringlist} Create List 美国中文网
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.sinovision.net
ProxyPolicy-Allow-Http-00009
[Tags] Allow IP FQDN IP+URL DENY HTTP pxy_manipulation
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#创建对象FQDN
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_sinovision","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*open.node.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建对象 URL
${rescodeip} ${object_URL_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ls_sinovision","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["open.node.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
#${objectids} set Variable ${object_FQDN_Id},${object_URL_Id}
#${objectids} set Variable ${object_FQDN_Id},${object_URL_Id},${object_UA_Id}
#${objectids} set Variable ${object_FQDN_Id},${object_URL_Id},${object_UA_Id},${object_SC_Id}
Comment 创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
Comment 创建 Deny 管控搭配Allow
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Deny-Http-00001","policyType":"pxy_manipulation","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"block","message":"404","code":404,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Deny-Http-00001","policyType":"pxy_manipulation","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"block","message":"404","code":404,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Deny-Http-00001","policyType":"pxy_manipulation","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"block","message":"404","code":404,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
log ${addPolicyStr}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1} ${policyIds2}
Comment 创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Allow-Http-00001","policyType":"pxy_manipulation","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"allow","protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Allow-Http-00001","policyType":"pxy_manipulation","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"allow","protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Allow-Http-00001","policyType":"pxy_manipulation","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"allow","protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
${starttime} Get Time
Comment 功能端验证
Sleep ${policyVerificationSleepSeconds}s
${commandreturn} OperatingSystem.Run curl -I \ -m \ 10 \ -o \ /dev/null \ -s \ -w \ \ \%{http_code} \ \ http://open.node.com
should contain ${commandreturn} 200
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

371
01-TestCase/tsg_adc/api_proxy/AllowSSLTests.robot
View File

@@ -1,371 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Proxy_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-allow-ssl-00001
[Tags] allow ssl IP+FQDN+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_js", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_js", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jianshu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_js", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_js", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "mobile" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建allow策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
#创建deny策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-ssl-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block","message":"12345","code":403, \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-ssl-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block","message":"12345","code":403, \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-ssl-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block","message":"12345","code":403, \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId4} AddPolicy ${addPolicyStr}
log ${policyId4}
${policyId5} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3},${policyId4}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId5}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_ssl00001.bat
... ELSE set variable curl -kv https://www.jianshu.com/mobile/club
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host jianshu.com
ProxyPolicy-allow-ssl-00004
[Tags] allow ssl IP+url验证
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_dy", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_dy", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*douyin.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_dy", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_dy", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "platform" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建allow策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
#创建insert策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-insert-ssl-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "insert","insert_profile": 23, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-insert-ssl-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "insert","insert_profile": 23, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-insert-ssl-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "insert","insert_profile": 23, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId4} AddPolicy ${addPolicyStr}
log ${policyId4}
${policyId5} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3},${policyId4}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId5}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_ssl00004.bat
... ELSE set variable curl -kv https://open.douyin.com/platform
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host douyin.com
ProxyPolicy-allow-ssl-00006
[Tags] allow ssl 请求UA+url验证
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_zl", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_zl", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.zealer.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_zl", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_zl", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "register" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建UA对象
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_UA","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建allow策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
#创建monitor策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-monitor-ssl-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "monitor", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-monitor-ssl-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "monitor", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId4} AddPolicy ${addPolicyStr}
log ${policyId4}
${policyId5} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3},${policyId4}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId5}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_ssl00006.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.zealer.com/account/register
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.zealer.com
ProxyPolicy-allow-ssl-00007
[Tags] allow ssl 应答CT+url验证
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_yhd", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_ydh", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*yhd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_yhd", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_ydh", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "passport" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建CT对象
${rescodeip} ${object_CT_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CT","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ {"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_ssl00007.bat
... ELSE set variable curl -kv https://passport.yhd.com/passport/login_input.do
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host yhd.com
ProxyPolicy-allow-ssl-00009
[Tags] allow ssl Sub_id+Category+CK+CT+URL
# #创建SUB
# ${rescode} ${object_SUB_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"subscriberid", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_SUB_ip", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_SUB_ip", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$jwctest" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
# log ${object_SUB_Id}
# #删除对象
# ${objectids} set Variable ${object_SUB_Id}
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_js", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_js", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*weibo.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentSubID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_js", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_js", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "weibo" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建ck对象
${rescodeip} ${object_CK_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CK","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["SINAGLOBAL"],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_Id}
#创建CT对象
${rescodeip} ${object_CT_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CT","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
#创建allow策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
#创建deny策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-ssl-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block","message":"12345","code":403, \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-ssl-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block","message":"12345","code":403, \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-ssl-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block","message":"12345","code":403, \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId4} AddPolicy ${addPolicyStr}
log ${policyId4}
${policyId5} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3},${policyId4}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId5}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_ssl00001.bat
... ELSE set variable curl -kv https://www.jianshu.com/mobile/club
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host jianshu.com
ProxyPolicy-allow-ssl-00010
[Tags] allow ssl IP+FQDN英文
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_js", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_js", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*youtube.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建allow策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00010", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00010", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow", \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
#创建deny策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-ssl-00010", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block","message":"12345","code":403, \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-ssl-00010", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block","message":"12345","code":403, \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-ssl-00010", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block","message":"12345","code":403, \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId4} AddPolicy ${addPolicyStr}
log ${policyId4}
${policyId5} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3},${policyId4}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId5}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_allow_ssl00010.bat
... ELSE set variable curl -kv https://youtube.com/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host youtube.com
ProxyPolicy-allow-ssl-00011
[Tags] allow ssl IP+url俄文
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_js", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_js", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*zakon.kz" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_js", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_js", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "zakon.kz" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建allow策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow",\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow",\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-allow-ssl-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"allow", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "allow",\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 创建deny策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-ssl-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block","message":"12345","code":403, \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-ssl-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block","message":"12345","code":403, \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-ssl-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block","message":"12345","code":403, \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId4} AddPolicy ${addPolicyStr}
log ${policyId4}
${policyId5} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3},${policyId4}]}
Comment 删除所有策略
${policyIds} Create List ${policyId1} ${policyId5}
Comment 功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_allow_ssl00011.bat
... ELSE set variable curl -kv https://zakon.kz/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host zakon.kz

266
01-TestCase/tsg_adc/api_proxy/DenyHttpTests.robot
View File

@@ -1,266 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Proxy_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot
Resource ../../../02-Keyword/tsg_bfapi/Common.robot
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/responsepages
${profiledId} ${EMPTY}
*** Test Cases ***
ProxyPolicy-deny-http-00002
[Tags] deny IP+cat+url+请求UA+应答CT
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_cb", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_cb", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*ccb.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-http-00002-SecurityPolicy-Intercept-Http", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-http-00002-SecurityPolicy-Intercept-Http", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-http-00002-SecurityPolicy-Intercept-Http", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_cb", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_cb", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "ccb.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建UA对象
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_UA","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建CT对象
${rescodeip} ${object_CT_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CT","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "message": "test", "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "message": "test", "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "message": "test", "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_http00002.bat
#${commandstr} set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://www.ccb.com/cn/home/indexv3.html
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_http00002.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://www.ccb.com/cn/home/indexv3.html
${stringlist} Create List X-TG-Construct-By: tfe The requested resource could not be found but may be available again in the future test
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host ccb.com
ProxyPolicy-deny-http-00003
[Tags] deny IP+cat+url+请求CK+应答SK验证
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*zhu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "xiao" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建ck对象
${rescodeip} ${object_CK_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CK","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["collina"],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_Id}
#创建SK对象
${rescodeip} ${object_SK_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_SK","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["domain=.xiaozhu.com"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "message": "Русскийязык", "code": 451,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SK_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "message": "Русскийязык", "code": 451,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SK_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "message": "Русскийязык", "code": 451,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SK_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_http00003.bat
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_http00003.bat
... ELSE set variable curl -kv --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' http://www.xiaozhu.com
#This request may not be serviced due to the regulations of your residency (TFE-2867:Русскийязык).
#${stringlist} Create List Русскийязык
${stringlist} Create List X-TG-Construct-By: tfe Error 451 This request may not be serviced due to the regulations of your residency (TFE Русскийязык).
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host xiaozhu.com
ProxyPolicy-deny-http-00006
[Tags] deny fqdn+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.xiaozhu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "www.xiaozhu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#新增DenyResponsfile
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId} , "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId} , "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId} , "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_http00006.bat
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_http00006.bat
... ELSE set variable curl -kv http://www.xiaozhu.com/#ongo/
#${stringlist} Create List 404
${stringlist} Create List X-TG-Construct-By: tfe 对不起,您请求的页面不存在、或已被删除、或暂时不可用 404-对不起!您访问的页面不存在
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.xiaozhu.com
ProxyPolicy-deny-http-00009
[Tags] deny 请求body+url selfserver
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*open.node.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "action" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建body对象
${rescodeip} ${object_body_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"keywords", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_body_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_body_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "body" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "12312" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_body_Id}
#新增DenyResponsfile
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404russian.html resPages
${profiledId} Get From Dictionary ${response} profileId
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId} , "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId} , "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId} , "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=body&setCookie=set-cookie&contentType=content-type&resBody=Response Body" http://open.node.com/action | iconv -f utf-8 -t gbk
${commandstr} run keyword if '${systemType}'=='Windows' set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=body&setCookie=set-cookie&contentType=content-type&resBody=Response Body" http://open.node.com/action | iconv -f utf-8 -t gbk
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=body&setCookie=set-cookie&resBody=Response Body" http://open.node.com/action
${stringlist} Create List - 404, простите!  страница, к которой вы пришли, не существует Извините, запрошенная страница не существует или была удалена или временно недоступна
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-deny-http-00013
[Tags] deny 请求body中文+url selfserver
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*open.node.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "action" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建body对象
${rescodeip} ${object_body_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"keywords", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_body_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_body_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "明天你好" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "12312" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_body_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "message": "404NotFind", "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "message": "404NotFind", "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "message": "404NotFind", "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=明天你好&setCookie=set-cookie&contentType=content-type&resBody=Response Body" http://open.node.com/action | iconv -f utf-8 -t gbk
${commandstr} run keyword if '${systemType}'=='Windows' set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=明天你好&setCookie=set-cookie&contentType=content-type&resBody=Response Body" http://open.node.com/action | iconv -f utf-8 -t gbk
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=明天你好&setCookie=set-cookie&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} Create List Error 404 The requested resource could not be found but may be available again in the future (TFE 404NotFind).
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

409
01-TestCase/tsg_adc/api_proxy/DenySSLTests.robot
View File

@@ -1,409 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Proxy_Policy Proxy_Deny_SSL
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../03-Variable/AllFlowCaseVariable.txt
Resource ../../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot
Resource ../../../02-Keyword/tsg_bfapi/Common.robot
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/responsepages
${profiledId} ${EMPTY}
*** Test Cases ***
ProxyPolicy-deny-ssl-00001
[Tags] deny IP+FQDN+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_lj", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_lj", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*lianjia.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_lj", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_lj", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "ershoufang" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "message": "123456", "code":403,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "message": "123456", "code":403,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "message": "123456", "code":403,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00001.bat
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00001.bat
... ELSE set variable curl -kv https://bj.lianjia.com/ershoufang/
${stringlist} Create List 403 Forbidden Tango Secure Gateway CA Access Denied <small>Error 403 The requested resource requires an authentication (TFE 123456).
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host lianjia.com
ProxyPolicy-deny-ssl-00004
[Tags] deny IP+FQDN+应答body
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*ke.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "zufang" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建body对象
${rescodeip} ${object_body_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"keywords", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_body_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_body_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "北京贝壳网" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "12312" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_body_Id}
#新增DenyResponsfile
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_RES_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ {"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},\ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_RES_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_RES_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_deny_ssl00004.bat
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_deny_ssl00004.bat
... ELSE set variable curl -kv https://bj.zu.ke.com/zufang
${stringlist} Create List Tango Secure Gateway CA TLSv1.2 (IN), TLS alert, close notify (256)
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host bj.zu.ke.com
ProxyPolicy-deny-ssl-00005
[Tags] deny ip+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_youtube", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_tt", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.toutiao.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_tt", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_tt", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "www.toutiao.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#新增DenyResponsfile
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404russian.html resPages
${profiledId} Get From Dictionary ${response} profileId
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00005.bat
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00005.bat
... ELSE set variable curl -kv https://www.toutiao.com/ch/news_hot/
${stringlist} Create List Tango Secure Gateway CA - 404, простите!  страница, к которой вы пришли, не существует Извините, запрошенная страница не существует или была удалена или временно недоступна
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.toutiao.com
ProxyPolicy-deny-ssl-00007
[Tags] deny 请求UA+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_gk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_gk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*gamersky.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_gk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_gk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "gamersky.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建UA对象
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_UA","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#新增DenyResponsfile
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
${profiledId} Get From Dictionary ${response} profileId
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile":${profiledId}, "code": 451,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile":${profiledId}, "code": 451,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ {"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile":${profiledId}, "code": 451,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00007.bat
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00007.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.gamersky.com/news/
${stringlist} Create List Tango Secure Gateway CA 451 Unavailable For Legal Reasons X-TG-Construct-By: tfe 404 sorry! The page you visited does not exist
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.gamersky.com
ProxyPolicy-deny-ssl-00008
[Tags] deny 应答CT+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_nk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_nk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*nationalbank.kz" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_nk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_nk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "nationalbank" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建CT对象
${rescodeip} ${object_CT_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CT","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
${profiledId} Get From Dictionary ${response} profileId
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 403,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 403,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 403,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00008.bat
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00008.bat
... ELSE set variable curl -kv https://nationalbank.kz/
${stringlist} Create List Tango Secure Gateway CA 403 Forbidden X-TG-Construct-By: tfe 404 sorry! The page you visited does not exist
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host nationalbank.kz
ProxyPolicy-deny-ssl-00010
[Tags] deny SUB+fqdn
#创建SUB
#${rescode} ${object_SUB_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"subscriberid", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_SUB_ip", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_SUB_ip", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$jwctest" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#log ${object_SUB_Id}
#删除对象
#${objectids} set Variable ${object_SUB_Id}
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_youtube", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_tt", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*weibo.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentSubID},"protocolFields":[]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
${profiledId} Get From Dictionary ${response} profileId
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":[{"policyId":"","isValid":1,"policyName":"ProxyPolicy-deny-Https-00010","policyType":"pxy_manipulation","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,"protocol":"HTTP"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"scheduleId":[],"appObjectIdArray":[2]}] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":[{"policyId":"","isValid":1,"policyName":"ProxyPolicy-deny-Https-00010","policyType":"pxy_manipulation", "action":"deny","userTags":"","doBlacklist":0,"doLog":1, "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"scheduleId":[],"appObjectIdArray":[2]}] }
... ELSE set variable {"opAction":"add","returnData":1,"policyList":[{"policyId":"","isValid":1,"policyName":"ProxyPolicy-deny-Https-00010","policyType":"pxy_manipulation","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,"protocol":"HTTP"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"scheduleId":[],"appObjectIdArray":[2]}] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证证书问题
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00010.bat
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00010.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.twitch.tv/directory
${stringlist} Create List Tango Secure Gateway CA 404 X-TG-Construct-By: tfe The page you visited does not exist
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host weibo.com
ProxyPolicy-deny-ssl-00011
[Tags] deny ip+fqdn(英文)
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_youtube", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_tt", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*facebook.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#新增DenyResponsfile
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404russian.html resPages
${profiledId} Get From Dictionary ${response} profileId
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile":${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile":${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile":${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy-deny-ssl-00011.bat
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-deny-ssl-00011.bat
... ELSE set variable curl -kv https://www.facebook.com/
${stringlist} Create List Tango Secure Gateway CA - 404, простите!  страница, к которой вы пришли, не существует Извините, запрошенная страница не существует или была удалена или временно недоступна
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host facebook.com
ProxyPolicy-deny-ssl-00012
[Tags] deny fqdn+url(俄文)
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_youtube", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_tt", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*rutube.ru" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_tt", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_tt", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "rutube" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} set Variable ${object_FQDN_Id},${object_url_Id}
#新增DenyResponsfile
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404russian.html resPages
${profiledId} Get From Dictionary ${response} profileId
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00012", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile":${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00012", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile":${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00012", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile":${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy-deny-ssl-00012
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-deny-ssl-00012.bat
... ELSE set variable curl -kv https://rutube.ru/
#curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=рускйсекс&setCookie=set-cookie&contentType=text/html;charset=utf-8&resBody=Response Body" https://open.node.com/action
${stringlist} Create List Tango Secure Gateway CA - 404 запрошенная страница не существует или была удалена или временно недоступна
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host rutube.ru

204
01-TestCase/tsg_adc/api_proxy/HijackHttpTests.robot
View File

@@ -1,204 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Proxy_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-hijack-http-00002
[Tags] hijack http IP+cat+url+请求UA+应答CT
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_ss", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_ss", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.sinovision.net" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_ss", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_ss", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "sinovision" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建UA对象
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_UA","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建CT对象
${rescodeip} ${object_CT_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CT","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
#创建管控策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile":163, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile":163, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_http00002.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://www.sinovision.net/portal.php?mod=center
${stringlist} Create List qwerrrrrrrrr
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.sinovision.net
ProxyPolicy-hijack-http-00003
[Tags] hijack http IP+cat+url+请求CK+应答SK
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*zhu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "xiao" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建ck对象
${rescodeip} ${object_CK_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CK","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["collina"],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_Id}
#创建SK对象
${rescodeip} ${object_SK_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_SK","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["domain=.xiaozhu.com"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id}
#创建管控策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-Http-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile":165, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SK_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-Http-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile":165, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SK_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_http00003.bat
... ELSE set variable curl --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' http://www.xiaozhu.com
${stringlist} Create List 1950
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host xiaozhu.com
ProxyPolicy-hijack-http-00005
[Tags] hijack http fqdn+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_cb", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_cb", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.ccb.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_cb", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_cb", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "ccb.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建管控策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-http-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile": 167, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-http-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile": 167, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_http00005.bat
... ELSE set variable curl -kv http://www.ccb.com/cn/home/indexv3.html
${stringlist} Create List 4.png
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.ccb.com
ProxyPolicy-Hijack-Http-00006
[Tags] Hijack Fqdn_Url_UA_SC
#png
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#创建对象FQDN
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_sinovision","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*www.sinovision.net"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建对象 URL
${rescodeip} ${object_URL_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ls_sinovision","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["sinovision"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
#创建对象 UA
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ua_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_UA_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建对象 SC
${rescodeip} ${object_SC_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_sin_sc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["oKD0_802a"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_SC_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SC_Id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":3331,"protocolFields":[]},{"objectId":3562,"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-Http-png-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":181,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":8510,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":8511,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":8507,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":8508,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-Http-png-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":181,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-Http-png-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":181,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-Hijack-Http-00001.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://www.sinovision.net/portal.php?mod=center
${stringlist} Create List zmmpng
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.sinovision.net

608
01-TestCase/tsg_adc/api_proxy/HijackSSLTests.robot
View File

@@ -1,608 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Proxy_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-hijack-ssl-00001
[Tags] hijack ssl IP+FQDN+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_js", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_js", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jianshu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_js", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_js", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "mobile" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建管控策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-ssl-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile":161, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-ssl-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile":161, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_ssl00001.bat
... ELSE set variable curl -kv https://www.jianshu.com/mobile/club
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host jianshu.com
ProxyPolicy-hijack-ssl-00004
[Tags] hijack ssl IP+url验证
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_dy", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_dy", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*douyin.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_dy", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_dy", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "platform" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建管控策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-ssl-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile": 159, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-ssl-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile": 159, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_ssl00004.bat
... ELSE set variable curl -kv https://open.douyin.com/platform
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host douyin.com
ProxyPolicy-hijack-ssl-00006
[Tags] hijack ssl 请求UA+url验证
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_zl", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_zl", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.zealer.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_zl", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_zl", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "register" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建UA对象
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_UA","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建管控策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-ssl-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile": 169, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-ssl-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile": 169, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_ssl00006.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.zealer.com/account/register
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.zealer.com
ProxyPolicy-hijack-ssl-00007
[Tags] hijack ssl 应答CT+url验证
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_yhd", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_ydh", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*yhd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_yhd", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_ydh", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "passport" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建CT对象
${rescodeip} ${object_CT_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CT","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
#创建管控策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-ssl-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile":171,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-ssl-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile":171,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_ssl00007.bat
... ELSE set variable curl -kv https://passport.yhd.com/passport/login_input.do
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host yhd.com
ProxyPolicy-hijack-ssl-00008
[Tags] hijack ssl fqdn+url验证英文
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_dy", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_dy", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$twitter.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_dy", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_dy", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "twitter.com/login" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建管控策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-ssl-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile": 161, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-ssl-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile": 161, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_ssl00008.bat
... ELSE set variable curl -kv https://twitter.com/login
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host twitter.com
ProxyPolicy-hijack-ssl-00009
[Tags] hijack ssl 请求UA+url验证俄文
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_zl", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_zl", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*tengrinews.kz" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_zl", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_zl", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "tengrinews.kz/zakon/" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建UA对象
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_UA","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建管控策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-ssl-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile": 169, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-hijack-ssl-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "hijack", "hijack_profile": 169, \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_hijack_ssl00009.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://tengrinews.kz/zakon/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host tengrinews.kz
ProxyPolicy-Hijack-SSL-00010
[Tags] Hijack SSL
#apk
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#创建对象FQDN
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_sogou.com","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*ou.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建对象 URL
${rescodeip} ${object_URL_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["sogou"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
#创建对象 UA
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ua_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_UA_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建对象 SC
${rescodeip} ${object_SC_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo_sc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["sogou"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_SC_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SC_Id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":3331,"protocolFields":[]},{"objectId":3563,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":3563,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":8512,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":3577,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-Hijack-SSL-00001.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://wap.sogou.com/
${stringlist} Create List qwerrrrrrrrr
${starttime} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host wap.sogou.com
ProxyPolicy-Hijack-SSL-00011
[Tags] Hijack
#html
#创建对象SubID
#${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_Subid_Id}
#${objectids} set Variable ${object_Subid_Id}
#创建对象 Category
${rescodeip} ${object_Cat_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*sogou.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Cat_Id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id}
${objectids} set Variable ${object_Cat_Id}
#创建对象URL
${rescode_deny} ${object_URL_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["sogou.co"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_id}
#创建对象CK
${rescode_deny} ${object_CK_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ld_weibo_ck","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["SUV="],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CK_id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id},${object_CK_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_id}
#创建对象CT
${rescode_deny} ${object_CT_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ct_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CT_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_Sub+Cat","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":3329,"protocolFields":[]},{"objectId":3563,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"appObj"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":5887,"protocolFields":[]},{"objectId":3579,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":3575,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":6639,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
#${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-Hijack-SSL-00002.bat
... ELSE set variable curl -kv --cookie "SUV=001417487B769DD85B65253149725433; SMYUV=1533629990235795; SUID=B30E65757C20940A000000005B6AF061; pgv_pvi=8797682688; ssuid=8017562563; tv_play_records=tvshow_2279123:20190405; LSTMV=312%2C176; LCLKINT=1391;" --referer 'http://www.baidu.com/' https://wap.sogou.com/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host wap.sogou.com
ProxyPolicy-Hijack-SSL-00012
[Tags] Hijack SSL
#apk
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#创建对象FQDN
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_facebook","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*acebook.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建对象 URL
${rescodeip} ${object_URL_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["aceboo"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
#创建对象 UA
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ua_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_UA_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建对象 SC
${rescodeip} ${object_SC_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo_sc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["facebook"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_SC_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SC_Id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":3331,"protocolFields":[]},{"objectId":3563,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":3563,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":8512,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":3577,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-Hijack-SSL-00003.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.facebook.com/
${stringlist} Create List qwerrrrrrrrr
${starttime} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.facebook.com
ProxyPolicy-Hijack-SSL-00013
[Tags] Hijack
#html
#创建对象SubID
#${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_Subid_Id}
#${objectids} set Variable ${object_Subid_Id}
#创建对象 Category
${rescodeip} ${object_Cat_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_zakon","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*facebook.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Cat_Id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id}
${objectids} set Variable ${object_Cat_Id}
#创建对象URL
${rescode_deny} ${object_URL_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_www.zakon","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["facebook"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_id}
#创建对象CK
${rescode_deny} ${object_CK_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ld_weibo_ck","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["datr="],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CK_id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id},${object_CK_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_id}
#创建对象CT
${rescode_deny} ${object_CT_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ct_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CT_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_Sub+Cat","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":3329,"protocolFields":[]},{"objectId":3563,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":5887,"protocolFields":[]},{"objectId":3579,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":3575,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":6639,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
#${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-Hijack-SSL-00004.bat
... ELSE set variable curl -kv --cookie "fr=1yqofX6H5I9WihUHa..BegZGb.Ys.AAA.0.0.BegZGb.AWVMft0q; sb=m5GBXgM_o5OnaHBUE8Rrh3tM; datr=m5GBXjkoNsYzxI4ZBI3bAOYw; wd=2058x468" --referer 'http://www.baidu.com/' https://www.facebook.com/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.facebook.com
ProxyPolicy-Hijack-SSL-00014
[Tags] Hijack SSL
#apk
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#创建对象FQDN
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_facebook","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*akon.kz"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建对象 URL
${rescodeip} ${object_URL_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["zakon"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
#创建对象 UA
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ua_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_UA_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建对象 SC
#${rescodeip} ${object_SC_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo_sc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["facebook"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_SC_Id}
#${objectids} set Variable ${object_FQDN_Id},${object_URL_Id},${object_UA_Id},${object_SC_Id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":3331,"protocolFields":[]},{"objectId":3563,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":3563,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":8512,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":3577,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-Hijack-SSL-00005.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.zakon.kz/
${stringlist} Create List qwerrrrrrrrr
${starttime} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.zakon.kz
ProxyPolicy-Hijack-SSL-00015
[Tags] Hijack
#html
#创建对象SubID
#${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_Subid_Id}
#${objectids} set Variable ${object_Subid_Id}
#创建对象 Category
${rescodeip} ${object_Cat_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_zakon","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*www.zakon.kz"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Cat_Id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id}
${objectids} set Variable ${object_Cat_Id}
#创建对象URL
${rescode_deny} ${object_URL_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_www.zakon","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["www.zakon"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id}
${objectids} set Variable ${object_Cat_Id},${object_URL_id}
#创建对象CK
${rescode_deny} ${object_CK_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ld_weibo_ck","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["__auc="],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CK_id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id},${object_CK_id}
${objectids} set Variable ${object_Cat_Id},${object_URL_id},${object_CK_id}
#创建对象CT
${rescode_deny} ${object_CT_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ct_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CT_id}
${objectids} set Variable ${object_Cat_Id},${object_URL_id},${object_CK_id} ,${object_CT_id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_Sub+Cat","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":3329,"protocolFields":[]},{"objectId":3563,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":5887,"protocolFields":[]},{"objectId":3579,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":3575,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":6639,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
#${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-Hijack-SSL-00006.bat
... ELSE set variable curl -kv --cookie "__auc=872f19501711ae0020cae00e8d8; _ym_d=1585293823; _ym_uid=15852938231061175569; _ga=GA1.2.1046919061.1585293826; __gads=ID=1b694b3cc49e99df:T=1585293826:S=ALNI_MZIjruz8AFwPRVc6EuwOUp6UG2wyg; _zero_cc=z5e7daa056eb62; tmr_lvid=212dae53346bc4dd7232880a9834c5ac; tmr_lvidTS=1585293841169; GN_USER_ID_KEY=b8fa7cfc-aa09-4bf0-9312-e83d0a3e5448; tmr_reqNum=4; rel_val=600000; __asc=ea27801f1712a24de07f712cb52; _zero_ss=5e8192a7c0fff.1585549991.1585549991.1; _gid=GA1.2.1300673287.1585549992; _gat_gtag_UA_19108819_1=1" --referer 'http://www.baidu.com/' https://www.zakon.kz/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.zakon.kz

121
01-TestCase/tsg_adc/api_proxy/InsertHttpTests.robot
View File

@@ -1,121 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_event
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../03-Variable/AllFlowCaseVariable.txt
Library Custometest
*** Test Cases ***
ProxyPolicy-insert-Http-js-00001
[Tags] insert
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#创建对象FQDN
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_sinovision","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*www.sinovision.net"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建对象 URL
${rescodeip} ${object_URL_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ls_sinovision","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["sinovision"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
#创建对象 UA
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ua_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_UA_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建对象 SC
${rescodeip} ${object_SC_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_sin_sc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["oKD0_802a"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_SC_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SC_Id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":3331,"protocolFields":[]},{"objectId":3562,"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-Http-png-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":181,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":8510,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":8511,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":8507,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":8508,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-Http-png-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"insert","insert_profile":229,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-Http-png-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"insert","insert_profile":229,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-insert-Http-00001.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://www.sinovision.net/portal.php?mod=center
${stringlist} Create List RQ_SCRIPT
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.sinovision.net
ProxyPolicy-insert-Http-css-00002
[Tags] insert
#创建对象SubID
#${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
#${objectids} set Variable ${object_Subid_Id}
#创建对象 Category
${rescodeip} ${object_Cat_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_sin","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*www.sinovision.net"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Cat_Id}
#${objectids} set Variable ${object_Subid_Id},${object_Cat_Id}
${objectids} set Variable ${object_Cat_Id}
#创建对象URL
${rescode_deny} ${object_URL_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ls_sinovision","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["sinovision"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_id}
#${objectids} set Variable ${object_Subid_Id},${object_Cat_Id},${object_URL_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_id}
#创建对象CK
${rescode_deny} ${object_CK_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_sin_ck","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["oKD0_802a"],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CK_id}
#${objectids} set Variable ${object_Subid_Id},${object_Cat_Id},${object_URL_id},${object_CK_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_id}
#创建对象CT
${rescode_deny} ${object_CT_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ct_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CT_id}
#${objectids} set Variable ${object_Subid_Id},${object_Cat_Id},${object_URL_id},${object_CK_id},${object_SC_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_Sub+Cat","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
#${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_Sub+Cat","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_Sub+Cat","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-San_Sub+Cat","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-Http-exe-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":183,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}]}}
#${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-Http-exe-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":183,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-Http-exe-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"insert","insert_profile":229,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-Http-exe-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"insert","insert_profile":229,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-insert-Http-00002.bat
... ELSE set variable curl -kv --cookie "oKD0_802a_saltkey=GssJU4vd; oKD0_802a_lastvisit=1583299284; oKD0_802a_pvi=656927416; _ga=GA1.2.2008992591.1583302924; __qca=P0-416369031-1583302925459; oKD0_802a_chinacountry=1; oKD0_802a_si=s75975888; zh_choose=n; __gads=ID=9674dfcbea12038e:T=1585059647:S=ALNI_MYPPZN5Z_UthuylbEOqR-zno5YoHg; oKD0_802a_application_clientip=111.201.144.161; oKD0_802a_sid=va7jUV; oKD0_802a_lastact=1585234917%09portal.php%09index" --referer 'http://www.baidu.com/' http://www.sinovision.net/portal.php?
${stringlist} Create List RQ_SCRIPT
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.sinovision.net

346
01-TestCase/tsg_adc/api_proxy/InsertSSLTest.robot
View File

@@ -1,346 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_event
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../03-Variable/AllFlowCaseVariable.txt
Library Custometest
*** Test Cases ***
ProxyPolicy-insert-SSL-js-00001
[Tags] insert SSL
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#创建对象FQDN
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_sogou.com","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*ou.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建对象 URL
${rescodeip} ${object_URL_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["sogou"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
#创建对象 UA
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ua_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_UA_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建对象 SC
${rescodeip} ${object_SC_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo_sc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["sogou"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_SC_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SC_Id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":3331,"protocolFields":[]},{"objectId":3563,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":3563,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":8512,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":3577,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"insert","insert_profile":229,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":3563,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":8512,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":3577,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-insert-SSL-00001.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://wap.sogou.com/
${stringlist} Create List RQ_SCRIPT
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host wap.sogou.com
ProxyPolicy-insert-SSL-css-00002
[Tags] insert
#创建对象SubID
#${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_Subid_Id}
#${objectids} set Variable ${object_Subid_Id}
#创建对象 Category
${rescodeip} ${object_Cat_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*sogou.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Cat_Id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id}
${objectids} set Variable ${object_Cat_Id}
#创建对象URL
${rescode_deny} ${object_URL_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["sogou.co"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_id}
#创建对象CK
${rescode_deny} ${object_CK_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ld_weibo_ck","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["SUV="],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CK_id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id},${object_CK_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_id}
#创建对象CT
${rescode_deny} ${object_CT_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ct_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CT_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_Sub+Cat","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":3329,"protocolFields":[]},{"objectId":3563,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":5887,"protocolFields":[]},{"objectId":3579,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":3575,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":6639,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
#${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"insert","insert_profile":293,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"insert","insert_profile":293,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-insert-SSL-00002.bat
... ELSE set variable curl -kv --cookie "SUV=001417487B769DD85B65253149725433; SMYUV=1533629990235795; SUID=B30E65757C20940A000000005B6AF061;" --referer 'http://www.baidu.com/' https://wap.sogou.com/
${stringlist} Create List Tango Secure Gateway CA
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host wap.sogou.com
ProxyPolicy-insert-SSL-js-00003
[Tags] insert
#apk
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#创建对象FQDN
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_facebook","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*acebook.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建对象 URL
${rescodeip} ${object_URL_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["aceboo"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
#创建对象 UA
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ua_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_UA_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建对象 SC
${rescodeip} ${object_SC_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo_sc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["facebook"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_SC_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SC_Id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":3331,"protocolFields":[]},{"objectId":3563,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":3563,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":8512,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":3577,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"insert","insert_profile":229,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":3563,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":8512,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":3577,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-insert-SSL-00003.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.facebook.com/
${stringlist} Create List RQ_SCRIPT
${starttime} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.facebook.com
ProxyPolicy-insert-SSL-css-00004
[Tags] insert
#html
#创建对象SubID
#${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_Subid_Id}
#${objectids} set Variable ${object_Subid_Id}
#创建对象 Category
${rescodeip} ${object_Cat_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_zakon","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*facebook.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Cat_Id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id}
${objectids} set Variable ${object_Cat_Id}
#创建对象URL
${rescode_deny} ${object_URL_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_www.zakon","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["facebook"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_id}
#创建对象CK
${rescode_deny} ${object_CK_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ld_weibo_ck","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["datr="],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CK_id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id},${object_CK_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_id}
#创建对象CT
${rescode_deny} ${object_CT_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ct_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CT_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_Sub+Cat","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":3329,"protocolFields":[]},{"objectId":3563,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":5887,"protocolFields":[]},{"objectId":3579,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":3575,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":6639,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
#${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"insert","insert_profile":229,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"insert","insert_profile":229,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-insert-SSL-00004.bat
... ELSE set variable curl -kv --cookie "fr=1yqofX6H5I9WihUHa..BegZGb.Ys.AAA.0.0.BegZGb.AWVMft0q; sb=m5GBXgM_o5OnaHBUE8Rrh3tM; datr=m5GBXjkoNsYzxI4ZBI3bAOYw; wd=2058x468" --referer 'http://www.baidu.com/' https://www.facebook.com/
${stringlist} Create List RQ_SCRIPT
${starttime} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.facebook.com
ProxyPolicy-insert-SSL-js-00005
[Tags] insert
#apk
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#创建对象FQDN
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_facebook","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*akon.kz"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建对象 URL
${rescodeip} ${object_URL_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["zakon"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
#创建对象 UA
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ua_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_UA_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建对象 SC
#${rescodeip} ${object_SC_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_weibo_sc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["facebook"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_SC_Id}
#${objectids} set Variable ${object_FQDN_Id},${object_URL_Id},${object_UA_Id},${object_SC_Id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":3331,"protocolFields":[]},{"objectId":3563,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":3563,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":8512,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":3577,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"insert","insert_profile":229,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-apk-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":185,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":3563,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":8512,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":3577,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-insert-SSL-00005.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.zakon.kz/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.zakon.kz
ProxyPolicy-insert-SSL-css-00006
[Tags] insert
#html
#创建对象SubID
#${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_Subid_Id}
#${objectids} set Variable ${object_Subid_Id}
#创建对象 Category
${rescodeip} ${object_Cat_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_zakon","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*www.zakon.kz"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Cat_Id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id}
${objectids} set Variable ${object_Cat_Id}
#创建对象URL
${rescode_deny} ${object_URL_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_lj_www.zakon","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["zakon"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_id}
#创建对象CK
${rescode_deny} ${object_CK_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ld_weibo_ck","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["auc="],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CK_id}
#${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id},${object_CK_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_id}
#创建对象CT
${rescode_deny} ${object_CT_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ct_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CT_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_id}
#创建 拦截策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_Sub+Cat","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":3329,"protocolFields":[]},{"objectId":3563,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-weibo_IP+FQDN","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建管控策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":5887,"protocolFields":[]},{"objectId":3579,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":3565,"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":3575,"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":6639,"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
#${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":187,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"insert","insert_profile":229,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Hijack-SSL-html-00002","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"insert","insert_profile":229,"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
${policyIds2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2}]}
${policyIds} Create List ${policyIds1} ${policyIds2}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy-insert-SSL-00006.bat
... ELSE set variable curl -kv --cookie "__auc=872f19501711ae0020cae00e8d8; _ym_d=1585293823; _ym_uid=15852938231061175569; _ga=GA1.2.1046919061.1585293826; __gads=ID=1b694b3cc49e99df:T=1585293826:S=ALNI_MZIjruz8AFwPRVc6EuwOUp6UG2wyg; _zero_cc=z5e7daa056eb62; tmr_lvid=212dae53346bc4dd7232880a9834c5ac; tmr_lvidTS=1585293841169; GN_USER_ID_KEY=b8fa7cfc-aa09-4bf0-9312-e83d0a3e5448; tmr_reqNum=4; rel_val=600000; __asc=ea27801f1712a24de07f712cb52; _zero_ss=5e8192a7c0fff.1585549991.1585549991.1; _gid=GA1.2.1300673287.1585549992; _gat_gtag_UA_19108819_1=1" --referer 'http://www.baidu.com/' https://www.zakon.kz/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId2}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.zakon.kz

166
01-TestCase/tsg_adc/api_proxy/RedirectHttpTests.robot
View File

@@ -1,166 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Proxy_Policy #Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../03-Variable/PolicyObjectDefault.txt
Resource ../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Redirect-http-00002
[Tags] Redirect IP+cat+url+请求UA+应答CT
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_cb", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_cb", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*ccb.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#新界面提交内容 {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-Https-00001","policyType":"tsg_security","action":"intercept","userTags":"${Default_UserTags}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":8718,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":8720,"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":0,"scheduleId":[],"appObjectIdArray":[2]}}
#修改前备份${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":[{"policyId":"","isValid":1,"policyName":"SecurityPolicy-Intercept-Https-00001","policyType":"tsg_security","action":"intercept","userTags":"${Default_UserTags}","doBlacklist":0,"doLog":1,"userRegion":{"protocol":"HTTP","protocol_version":{"allow_http2":0, "min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0, "protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through", "approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}],"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":[{"policyId":"","isValid":1,"policyName":"SecurityPolicy-Intercept-Https-00001","policyType":"tsg_security","action":"intercept","userTags":"${Default_UserTags}","doBlacklist":0,"doLog":1,"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"scheduleId":[],"appObjectIdArray":[2]}]}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":[{"policyId":"","isValid":1,"policyName":"SecurityPolicy-Intercept-Https-00001","policyType":"tsg_security","action":"intercept","userTags":"${Default_UserTags}","doBlacklist":0,"doLog":1,"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"scheduleId":[],"appObjectIdArray":[2]}]}
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_cb", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_cb", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "ccb.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建UA对象
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_UA","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建CT对象
${rescodeip} ${object_CT_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CT","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.jd.com/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.jd.com/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.jd.com/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_http00002.bat
#${commandstr} set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://www.ccb.com/cn/home/indexv3.html
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_http00002.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://www.ccb.com/cn/home/indexv3.html
#${stringlist} Create List 业务申请
${stringlist} Create List Host: www.ccb.com 302 Found Location: https://www.jd.com/
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host ccb.com
ProxyPolicy-Redirect-http-00003
[Tags] Redirect IP+cat+url+请求CK+应答SK验证
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*zhu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-http-00003-SecurityPolicy", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-http-00003-SecurityPolicy", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "xiao" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建ck对象
${rescodeip} ${object_CK_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CK","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["collina"],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_Id}
#创建SK对象
${rescodeip} ${object_SK_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_SK","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["domain=.xiaozhu.com"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://open.douyin.com/platform", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SK_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://open.douyin.com/platform", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SK_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://open.douyin.com/platform", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_CK_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SK_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_http00003.bat
#${commandstr} set variable curl -kv --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' http://www.xiaozhu.com
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_http00003.bat
... ELSE set variable curl -kv --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' http://www.xiaozhu.com
#${stringlist} Create List 手机小猪
${stringlist} Create List Host: www.xiaozhu.com Referer: http://www.baidu.com/ 301 Moved Permanently Location: https://open.douyin.com/platform
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host xiaozhu.com
ProxyPolicy-Redirect-http-00006
[Tags] Redirect fqdn+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.xiaozhu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP"}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "www.xiaozhu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.toutiao.com/ch/news_hot/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.toutiao.com/ch/news_hot/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.toutiao.com/ch/news_hot/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_http00006.bat
#${commandstr} set variable curl -kv http://www.xiaozhu.com/#ongo/
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_http00006.bat
... ELSE set variable curl -kv http://www.xiaozhu.com/#ongo/
#@{stringlist} set variable 短信快捷登录 html
${stringlist} Create List Host: www.xiaozhu.com 302 Found Location: https://www.toutiao.com/ch/news_hot/
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.xiaozhu.com

437
01-TestCase/tsg_adc/api_proxy/RedirectSSLTests.robot
View File

@@ -1,437 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Proxy_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Redirect-ssl-00001
[Tags] Redirect IP+FQDN+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_lj", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_lj", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*lianjia.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-Https-00001","policyType":"tsg_security","action":"intercept","userTags":"${Default_UserTags}","doBlacklist":0,"doLog":1,"policyDesc":"${Default_PolicyDesc} ","effectiveRange":{"tag_sets":[[{"tag":"Location","value":["Almaty"],"ids":[2]},{"tag":"ISP","value":["transtel","tnsplus"],"ids":[5,6]}],[{"tag":"Location","value":["Nursurtan"],"ids":[3]},{"tag":"ISP","value":["ktel-mask","ktel-bng","ktel-mxpe"],"ids":[7,8,9]}]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"protocol_errors":1,"cert_pinning":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":8718,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":8716,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":8719,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]},{"objectId":8742,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]}],"isValid":0,"scheduleId":[7],"appObjectIdArray":[3]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_lj", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_lj", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "ershoufang" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.bytedance.com/zh", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.bytedance.com/zh", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.bytedance.com/zh", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00001.bat
#${commandstr} set variable curl -kv https://bj.lianjia.com/ershoufang/
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00001.bat
... ELSE set variable curl -kv https://bj.lianjia.com/ershoufang/
${stringlist} Create List Tango Secure Gateway CA Host: bj.lianjia.com 302 Found Location: https://www.bytedance.com/zh
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host lianjia.com
ProxyPolicy-Redirect-ssl-00004
[Tags] Redirect IP+FQDN+请求body selfserver
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*open.node.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "action" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建body对象
${rescodeip} ${object_body_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"keywords", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_body_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_body_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "123456" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "12312" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_body_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "http://live.gushidaoshi.com/rank", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "http://live.gushidaoshi.com/rank", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ {"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},\ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "http://live.gushidaoshi.com/rank", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00004.bat
#${commandstr} set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=123456&setCookie=set-cookie&contentType=content-type&resBody=Response Body" https://open.node.com/action
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00004.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=123456&setCookie=set-cookie&contentType=content-type&resBody=Response Body" https://open.node.com/action
${stringlist} Create List Tango Secure Gateway CA Host: open.node.com 301 Moved Permanently Location: http://live.gushidaoshi.com/rank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-ssl-00005
[Tags] Redirect ip+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_youtube", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_tt", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.toutiao.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_tt", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_tt", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "www.toutiao.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "http://video.cnfol.com/wptzj/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "http://video.cnfol.com/wptzj/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "http://video.cnfol.com/wptzj/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00005.bat
#${commandstr} set variable curl -kv https://www.toutiao.com/ch/news_hot/
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00005.bat
... ELSE set variable curl -kv https://www.toutiao.com/ch/news_hot/
${stringlist} Create List Tango Secure Gateway CA Host: www.toutiao.com 302 Found Location: http://video.cnfol.com/wptzj/
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.toutiao.com
ProxyPolicy-Redirect-ssl-00007
[Tags] Redirect 请求UA+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_gk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_gk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*gamersky.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_gk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_gk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "gamersky.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建UA对象
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_UA","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "http://video.cnfol.com/wptzj/", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "http://video.cnfol.com/wptzj/", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "http://video.cnfol.com/wptzj/", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00007.bat
#${commandstr} set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.gamersky.com/news/
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00007.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.gamersky.com/news/
${stringlist} Create List Tango Secure Gateway CA Host: www.gamersky.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36 301 Moved Permanently Location: http://video.cnfol.com/wptzj/
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.gamersky.com
ProxyPolicy-Redirect-ssl-00008
[Tags] Redirect 应答CT+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_nk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_nk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*nationalbank.kz" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_nk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_nk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "nationalbank" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建CT对象
${rescodeip} ${object_CT_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CT","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://open.douyin.com/platform/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://open.douyin.com/platform/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://open.douyin.com/platform/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00008.bat
#${commandstr} set variable curl -kv https://nationalbank.kz/
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00008.bat
... ELSE set variable curl -kv https://nationalbank.kz/
${stringlist} Create List Tango Secure Gateway CA Host: nationalbank.kz 302 Found Location: https://open.douyin.com/platform/
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host nationalbank.kz
ProxyPolicy-Redirect-ssl-00009
[Tags] Redirect 请求body+url selfserver
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*open.node.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "action" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建body对象
${rescodeip} ${object_body_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"keywords", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_body_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_body_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "123456" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "12312" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_body_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://open.douyin.com/platform/", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://open.douyin.com/platform/", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://open.douyin.com/platform/", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00009.bat
#${commandstr} set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=123456&setCookie=set-cookie&contentType=content-type&resBody=Response Body" https://open.node.com/action
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00009.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=123456&setCookie=set-cookie&contentType=content-type&resBody=Response Body" https://open.node.com/action
${stringlist} Create List Tango Secure Gateway CA Host: open.node.com 301 Moved Permanently Location: https://open.douyin.com/platform/
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-ssl-00010
[Tags] Redirect IP+cat+url+请求UA+应答CT英文
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_youtube", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_tt", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*twitch.tv" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_tt", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_tt", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "directory" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建UA对象
${rescodeip} ${object_UA_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_UA","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建CT对象
${rescodeip} ${object_CT_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CT","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00010", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://vk.com/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00010", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://vk.com/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00010", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://vk.com/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CT_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]},{"objectId":${object_UA_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00010.bat
#${commandstr} set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.twitch.tv/directory
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00010.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.twitch.tv/directory
${stringlist} Create List Tango Secure Gateway CA Host: www.twitch.tv User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36 302 Found Location: https://vk.com/
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host twitch.tv
ProxyPolicy-Redirect-ssl-00011
[Tags] Redirect IP+FQDN+url俄文
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_youtube", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_tt", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*zakon.kz" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_tt", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_tt", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "www.zakon.kz/top_news/" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.nur.kz/", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://www.nur.kz/", "code": 301,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00011.bat
#${commandstr} set variable curl -kv https://www.zakon.kz/top_news/
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00011.bat
... ELSE set variable curl -kv https://www.zakon.kz/top_news/
${stringlist} Create List Tango Secure Gateway CA Host: www.zakon.kz 301 Moved Permanently Location: https://www.nur.kz/
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host zakon.kz
ProxyPolicy-Redirect-ssl-00012
[Tags] Redirect selfserver 请求body俄文+url
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*open.node.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建安全策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "action" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建body对象
${rescodeip} ${object_body_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"keywords", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_body_bk", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_body_bk", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "рускйсекс" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "12312" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_body_Id}
#创建管控策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://open.douyin.com/platform/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://open.douyin.com/platform/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-Redirect-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "redirect", "to": "https://open.douyin.com/platform/", "code": 302,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_body_Id},"protocolFields":["TSG_FIELD_HTTP_REQ_CONTENT"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
#${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00012.bat
#${commandstr} set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=рускйсекс&setCookie=set-cookie&contentType=content-type&resBody=Response Body" https://open.node.com/action
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00012.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=рускйсекс&setCookie=set-cookie&contentType=content-type&resBody=Response Body" https://open.node.com/action
${stringlist} Create List Tango Secure Gateway CA Host: open.node.com 302 Found Location: https://open.douyin.com/platform/
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

164
01-TestCase/tsg_adc/api_proxy/ReplaceHttpTests.robot
View File

@@ -1,164 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Proxy_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${PolicyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Replace-http-00001
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"yyq_proxypolicy_replace_00001_fqdn","objectDesc":"*zhu.com","subObjectIds":[],"addItemList":[{"keywordArray":["*zhu.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
#创建安全策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-Http-00001","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-Http-00001","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"yyq_url_xiaozhu.com","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["xiaozhu.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建管控策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Replace-Http-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_req_uri","find":"fangzi","replace_with":"mao"}],"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_url_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Replace-Http-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_req_uri","find":"fangzi","replace_with":"mao"}],"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_url_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Replace_http00001.bat
... ELSE set variable curl -kv http://sz.xiaozhu.com/fangzi/6257935516.html
${stringlist} Create List mao
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host xiaozhu.com
ProxyPolicy-Replace-http-00002
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"yyq_proxypolicy_replace_00002_fqdn","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*ya.cn"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
#创建安全策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-Http-00002","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-Http-00002","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"yyq_url_ly.com","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["ya.cn"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建管控策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Replace-Http-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_resp_body","find":"天涯","replace_with":"海角"}],"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_url_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Replace-Http-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_resp_body","find":"天涯","replace_with":"海角"}],"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_url_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Replace_http00002.bat
... ELSE set variable curl -kv http://www.tianya.cn/
${stringlist} Create List 海角
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host tianya.cn
ProxyPolicy-Replace-http-00003
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"yyq_proxypolicy_replace_00001_fqdn","objectDesc":"*cn.com","subObjectIds":[],"addItemList":[{"keywordArray":["*cn.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
#创建安全策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-Http-00001","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-Http-00001","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"yyq_url_miercn.com","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["miercn.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建管控策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Replace-Http-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_req_header","find":"a","replace_with":"b"}],"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_url_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Replace-Http-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_req_header","find":"a","replace_with":"b"}],"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_url_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Replace_http00003.bat
... ELSE set variable curl -kv http://military.miercn.com/
${stringlist} Create List b
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host miercn.com
ProxyPolicy-Replace-http-00004
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"yyq_proxypolicy_replace_00001_fqdn","objectDesc":"*room.com","subObjectIds":[],"addItemList":[{"keywordArray":["*room.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
#创建安全策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-Http-00001","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Intercept-Http-00001","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除安全策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建管控对象url
${rescodeip} ${object_url_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"yyq_url_ziroom.com","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["ziroom.com/life"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建管控策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Replace-Http-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_resp_header","find":"UTF-8","replace_with":"utf-8"}],"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_url_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"ProxyPolicy-Replace-Http-00001","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_resp_header","find":"UTF-8","replace_with":"utf-8"}],"protocol":"HTTP"},"isValid":1,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_url_Id},"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
${rescode} ${policyId3} AddPolicy ${addPolicyStr}
log ${policyId3}
${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
#删除所有策略
${policyIds} Create List ${policyId1} ${policyId2}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Replace_http00004.bat
... ELSE set variable curl -kv http://www.ziroom.com/life/index
${stringlist} Create List utf-8
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host ziroom.com

30
01-TestCase/tsg_adc/api_security/AllowHttpTests.robot
View File

@@ -19,17 +19,15 @@ SecurityPolicy-Allow-Http-00001
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建 Deny 搭配Allow
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
log ${addPolicyStr}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
log ${policyId1}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建allow策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds2} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
@@ -49,25 +47,25 @@ SecurityPolicy-Allow-Http-00001
SecurityPolicy-Allow-Http-00002
[Tags] Allow SubID Category DENY HTTP
# #创建对象Subid
# ${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"SecurityPolicy-Allow-Http-00002_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
# log ${object_Subid_Id}
# ${objectids} set Variable ${object_Subid_Id}
#创建对象Subid
${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"SecurityPolicy-Allow-Http-00002_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Subid_Id}
${objectids} set Variable ${object_Subid_Id}
#创建对象Categry
${rescodeip} ${object_Category_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","objectSubType":"","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"SecurityPolicy-Allow-Http-00002-Categry","objectDesc":"autotest","subObjectIds":[],"addItemList":[{"keywordArray":["*www.ccb.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Category_Id}
${objectids} set Variable ${object_Category_Id}
${objectids} set Variable ${object_Subid_Id},${object_Category_Id}
#创建 Deny 搭配Allow
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-Http-00002_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[]},{"objectId":${object_Category_Id} ,"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00002_deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-Http-00002_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id} ,"protocolFields":[]},{"objectId":${object_Category_Id} ,"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00002_deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[null]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
log ${addPolicyStr}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
log ${policyId1}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-Http-00002","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00002","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-Http-00002","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00002","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[null]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
@@ -94,17 +92,15 @@ SecurityPolicy-Allow-Http-00003
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建 Deny 搭配Allow
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00003_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00003_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00003_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
log ${addPolicyStr}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
log ${policyId1}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建allow策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00003","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00003","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00003","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds2} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}

44
01-TestCase/tsg_adc/api_security/AllowSSLTests.robot
View File

@@ -1,7 +1,7 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc tsg_security
Library OperatingSystem
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
@@ -13,25 +13,23 @@ ${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Allow-SSL-00001
[Tags] Allow IP FQDN DENY HTTP
#创建对象 IP
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#创建对象 FQDN
#创建对象FQDN
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_FQDN_icbc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*ww.sogou.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建 Deny 搭配Allow
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
log ${addPolicyStr}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
log ${policyId1}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}} \
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} \
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
@@ -47,30 +45,28 @@ SecurityPolicy-Allow-SSL-00001
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.sogou.com
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni icbc
SecurityPolicy-Allow-SSL-00002
[Tags] Allow SubID Category DENY HTTP
# #创建对象Subid
# ${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
# log ${object_Subid_Id}
# ${objectids} set Variable ${object_Subid_Id}
#创建对象Subid
${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Subid_Id}
${objectids} set Variable ${object_Subid_Id}
#创建对象Categry
${rescodeip} ${object_Category_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_category","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*jd.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
${rescodeip} ${object_Category_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_category","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*arch.jd.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Category_Id}
${objectids} set Variable ${object_Category_Id}
${objectids} set Variable ${object_Subid_Id},${object_Category_Id}
#创建 Deny 搭配Allow
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[]},{"objectId":${object_Category_Id} ,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop"},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[null]},{"objectId":${object_Category_Id} ,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop"},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[]},{"objectId":${object_Category_Id} ,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id} ,"protocolFields":[]},{"objectId":${object_Category_Id} ,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id} ,"protocolFields":[]},{"objectId":${object_Category_Id} ,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
log ${addPolicyStr}
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
log ${policyId1}
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00002","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00002","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00002","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00002","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00002","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
log ${policyId2}
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
@@ -82,10 +78,10 @@ SecurityPolicy-Allow-SSL-00002
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${commandreturn} OperatingSystem.Run curl -I \ -m \ 10 \ -o \ /dev/null \ -s \ -w \ \ \%{http_code} \ \ https://www.jd.com/
${commandreturn} OperatingSystem.Run curl -I \ -m \ 10 \ -o \ /dev/null \ -s \ -w \ \ \%{http_code} \ \ http://www.ccb.com
should contain ${commandreturn} 200
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.jd.com
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni icbc

37
01-TestCase/tsg_adc/api_security/DenyDNSTests.robot
View File

@@ -5,6 +5,7 @@ Library OperatingSystem #Test Setup Login #Test Teardown L
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Library Custometest
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
*** Test Cases ***
@@ -13,14 +14,13 @@ SecurityPolicy-Deny-DNS-00001
#创建对象 IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#创建对象 FQDN
#创建对象 FQDN
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_Deny_fqdn_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$www.ziroom.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"drop"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[4]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"drop","keyring":1},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -31,29 +31,28 @@ SecurityPolicy-Deny-DNS-00001
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${commandstr} set variable nslookup -d www.ziroom.com
${stringlista} set variable 超时
${stringlista} set variable 超时
${stringlist} Create List ${stringlista}
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname ziroom
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni xiaozhu
SecurityPolicy-Deny-DNS-00002
[Tags] Deny Sub_Category
# #创建对象 Sub
# ${rescode} ${object_Sub_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
# log ${object_Sub_Id}
# ${objectids} set Variable ${object_Sub_Id}
#创建对象 Sub
${rescode} ${object_Sub_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Sub_Id}
${objectids} set Variable ${object_Sub_Id}
#创建对象 Cat
${rescodeip} ${object_Cat_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_Cat_smsp","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$smspunch.net"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Cat_Id}
${objectids} set Variable ${object_Cat_Id}
${objectids} set Variable ${object_Sub_Id},${object_Cat_Id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"e061:82db:c37e:e8c5:c8ab:eab8:5a76:04a9","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.ly.com","ttl":{"min":300,"max":300}}]}],"keyring":1},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"e061:82db:c37e:e8c5:c8ab:eab8:5a76:04a9","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.ly.com","ttl":{"min":300,"max":300}}]}]},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[4]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"e061:82db:c37e:e8c5:c8ab:eab8:5a76:04a9","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.ly.com","ttl":{"min":300,"max":300}}]}]},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"e061:82db:c37e:e8c5:c8ab:eab8:5a76:04a9","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.ly.com","ttl":{"min":300,"max":300}}]}],"keyring":1},"referenceObject":[{"objectId":${object_Sub_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"e061:82db:c37e:e8c5:c8ab:eab8:5a76:04a9","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.ly.com","ttl":{"min":300,"max":300}}]}],"keyring":1},"referenceObject":[{"objectId":${object_Sub_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -64,12 +63,12 @@ SecurityPolicy-Deny-DNS-00002
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${commandstr} set variable nslookup -d www.smspunch.net
#@{stringlist} set variable www.ly.com
${stringlista} set variable 超时
${stringlist} Create List ${stringlista}
${rescode} SystemCommands ${commandstr} ${stringlist}
@{stringlist} set variable www.ly.com
${rescode} SystemCommands ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname smspunch
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni xiaozhu

92
01-TestCase/tsg_adc/api_security/DenyFtpTests.robot
View File

@@ -1,7 +1,7 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc tsg_security
Library OperatingSystem
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
@@ -10,18 +10,17 @@ Library Custometest
*** Test Cases ***
SecurityPolicy-Deny-FTP-00001
[Tags] Deny Sub_Account
# #创建对象 Sub
# ${rescode} ${object_Sub_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
# log ${object_Sub_Id}
# ${objectids} set Variable ${object_Sub_Id}
#创建对象 Account
#创建对象 Sub
${rescode} ${object_Sub_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Sub_Id}
${objectids} set Variable ${object_Sub_Id}
#创建对象 Account
${rescodeip} ${object_Account_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_Account","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["anony*"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Account_Id}
${objectids} set Variable ${object_Account_Id}
${objectids} set Variable ${object_Sub_Id},${object_Account_Id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[]},{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop"},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[null]},{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[6]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop"},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[null]},{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[6]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Sub_Id} ,"protocolFields":[]},{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Sub_Id} ,"protocolFields":[]},{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -32,7 +31,7 @@ SecurityPolicy-Deny-FTP-00001
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${FTP} FTP 登录
should contain ${FTP} ftp_fail
should contain ${FTP} Deny Success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
@@ -51,11 +50,10 @@ SecurityPolicy-Deny-FTP-00002
#创建对象 Content
${rescode_deny} ${object_Content_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"ZMM_FTP_Content","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["accountsservice"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Content_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_Content_id}
${objectids} set Variable ${object_URI_Id},${object_Content_id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop"},"referenceObject":[{"objectId":${object_URI_Id} ,"protocolFields":["TSG_FIELD_FTP_URI"]},{"objectId":${object_Content_id} ,"protocolFields":["TSG_FIELD_FTP_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_URI_Id} ,"protocolFields":["TSG_FIELD_FTP_URI"]},{"objectId":${object_Content_id} ,"protocolFields":["TSG_FIELD_FTP_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[6]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop"},"referenceObject":[{"objectId":${object_URI_Id} ,"protocolFields":["TSG_FIELD_FTP_URI"]},{"objectId":${object_Content_id} ,"protocolFields":["TSG_FIELD_FTP_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop"},"referenceObject":[{"objectId":${object_URI_Id} ,"protocolFields":["TSG_FIELD_FTP_URI"]},{"objectId":${object_Content_id} ,"protocolFields":["TSG_FIELD_FTP_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop"},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_URI_Id} ,"protocolFields":["TSG_FIELD_FTP_URI"]},{"objectId":${object_Content_id} ,"protocolFields":["TSG_FIELD_FTP_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -67,7 +65,7 @@ SecurityPolicy-Deny-FTP-00002
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${FTP} FTP 下载
should contain ${FTP} ftp_fail
should contain ${FTP} Deny Success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
@@ -81,9 +79,8 @@ SecurityPolicy-Deny-FTP-00003
log ${object_Account_Id}
${objectids} set Variable ${object_Account_Id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[6]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -94,64 +91,11 @@ SecurityPolicy-Deny-FTP-00003
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${FTP} FTP 登录
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account anonymous
SecurityPolicy-Deny-FTP-00004
[Tags] Deny Sub_Account
#创建对象 Account
${rescodeip} ${object_Account_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_Account","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["anony*"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Account_Id}
${objectids} set Variable ${object_Account_Id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop"},"referenceObject":[{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[6]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop"},"referenceObject":[{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[6]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"e061:82db:c37e:e8c5:c8ab:eab8:5a76:04a9","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.ly.com","ttl":{"min":300,"max":300}}]}],"keyring":1},"referenceObject":[{"objectId":${object_Sub_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
#log ${rescode}
#log ${policyId}
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${FTP} FTP_login ftp://202.38.97.230/pub/iso/linux/knoppix/KNOPPIX_V7.7.1DVD-2016-10-22-EN/dpkg-l-dvd-771.txt -u"anonymous:chrome@example.com" Graphical (Xorg) program starter for ADRIANE
should contain ${FTP} ftp_fail
should contain ${FTP} Deny Success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account anonymous
SecurityPolicy-Deny-FTP-00005
[Tags] Deny Sub_Account
#创建对象 Account
${rescodeip} ${object_Account_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_Account","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["anony*"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Account_Id}
${objectids} set Variable ${object_Account_Id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop"},"referenceObject":[{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[6]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-FTP-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop"},"referenceObject":[{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[6]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"e061:82db:c37e:e8c5:c8ab:eab8:5a76:04a9","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.ly.com","ttl":{"min":300,"max":300}}]}],"keyring":1},"referenceObject":[{"objectId":${object_Sub_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
#log ${rescode}
#log ${policyId}
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${FTP} FTP_down ftp://202.38.97.230/pub/iso/linux/knoppix/KNOPPIX_V7.7.1DVD-2016-10-22-EN/dpkg-l-dvd-771.txt -u"anonymous:chrome@example.com" 435814 zmmtext123.txt
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://202.38.97.230/pub/iso/linux/knoppix/KNOPPIX_V7.7.1DVD-2016-10-22-EN/dpkg-l-dvd-771.txt

54
01-TestCase/tsg_adc/api_security/DenyHttpTests.robot
View File

@@ -1,10 +1,11 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc tsg_security
Library OperatingSystem
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Library Custometest
*** Test Cases ***
SecurityPolicy-Deny-HTTP-00001
@@ -12,26 +13,25 @@ SecurityPolicy-Deny-HTTP-00001
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#创建对象 Category
#创建对象Category
${rescodeip} ${object_Category_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_cat_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*oom.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Category_Id}
${objectids} set Variable ${object_Category_Id}
#创建对象URL
${rescode_deny} ${object_URL_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_url-ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["www.ziroom.com/li*"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_id}
${objectids} set Variable ${object_Category_Id},${object_URL_id}
#创建对象UA
${rescode_deny} ${object_UA_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ua_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_UA_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_id}
${objectids} set Variable ${object_Category_Id},${object_URL_id},${object_UA_id}
#创建对象CT
${rescode_deny} ${object_CT_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ct_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CT_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_id}
${objectids} set Variable ${object_Category_Id},${object_URL_id},${object_UA_id},${object_CT_id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -40,45 +40,41 @@ SecurityPolicy-Deny-HTTP-00001
#log ${rescode}
#log ${policyId}
#功能端验证
#Sleep ${policyVerificationSleepSeconds}s
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
# ${commandreturn} run keyword if '${systemType}'=='Windows' OperatingSystem.Run curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://www.ziroom.com/life/index \ \ | iconv -f utf-8 -t gbk
# ... ELSE OperatingSystem.Run curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://www.ziroom.com/life/index
# should not contain ${commandreturn} 营业执照
#Sleep ${policyLogVerificationSleepSeconds}s
${commandreturn} OperatingSystem.Run curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://www.ziroom.com/life/index \ \ | iconv -f utf-8 -t gbk
should not contain ${commandreturn} 营业执照
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
#GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host ziroom
GetLogList security_event_log 2020-04-15 19:22:01 2020-04-15 19:23:22 ${testClentIP} 4906 http_host open.node.com
#{"value":["2020-04-15 18:50:57","2020-04-15 19:00:53"],"symbol":"between","field":"common_recv_time","type":"timestamp"}]
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host ziroom
SecurityPolicy-Deny-HTTP-00002
[Tags] Deny Fqdn_Url_CK_SC
# #创建对象SubID
# ${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
# log ${object_Subid_Id}
# ${objectids} set Variable ${object_Subid_Id}
#创建对象SubID
${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Subid_Id}
${objectids} set Variable ${object_Subid_Id}
#创建对象FQDN
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_xiaozhu_fqdn","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*zhu.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_FQDN_Id}
${objectids} set Variable ${object_FQDN_Id}
${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id}
#创建对象URL
${rescode_deny} ${object_URL_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_xiaozhu_url","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*ozhu.com/"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_URL_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_id}
${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id}
#创建对象CK
${rescode_deny} ${object_CK_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_xiaozhu_cookie","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192"],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CK_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_id}
${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id},${object_CK_id}
#创建对象SC
${rescode_deny} ${object_SC_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_sc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*domain=.xiaozhu.com"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_SC_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SC_id}
${objectids} set Variable ${object_Subid_Id},${object_FQDN_Id},${object_URL_id},${object_CK_id},${object_SC_id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"rst","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"rst"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"rst"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"rst","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"rst","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -88,11 +84,11 @@ SecurityPolicy-Deny-HTTP-00002
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${commandreturn} run keyword if '${systemType}'=='Windows' OperatingSystem.Run curl --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' \ http://www.xiaozhu.com \ \ | iconv -f utf-8 -t gbk
... ELSE OperatingSystem.Run curl --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' http://www.xiaozhu.com
${commandreturn} OperatingSystem.Run curl --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' \ http://www.xiaozhu.com \ \ | iconv -f utf-8 -t gbk
should contain ${commandreturn} 403
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host xiaozhu

87
01-TestCase/tsg_adc/api_security/DenyMailTests.robot
View File

@@ -1,16 +1,18 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc tsg_security
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
Library Custometest
Library OperatingSystem #Test Setup Login #Test Teardown Logout
Resource ../../02-Keyword/tsg-adc/systemcommand.txt
Resource ../../02-Keyword/tsg-bf-api/policyobject.txt
Resource ../../02-Keyword/tsg-bf-api/logvariable.txt
Resource ../../02-Keyword/tsg-bf-api/logschema.txt #Resource log-3.robot
Library custometest
Resource ../../02-Keyword/tsg-ui/StmpHandle2.robot
*** Test Cases ***
SecurityPolicy-Deny-Mail-00001
[Tags] Deny URI_Content
#创建对象 Sub
#创建对象 Sub
#${rescode} ${object_Sub_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_Sub_Id}
#${objectids} set Variable ${object_Sub_Id}
@@ -19,9 +21,8 @@ SecurityPolicy-Deny-Mail-00001
log ${object_Account_Id}
${objectids} set Variable ${object_Account_Id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"rst","code":""},"referenceObject":[{"objectId":${object_Account_Id},"protocolFields":["TSG_FIELD_MAIL_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"rst","code":""},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Account_Id},"protocolFields":["TSG_FIELD_MAIL_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"rst","code":""},"referenceObject":[{"objectId":${object_Account_Id},"protocolFields":["TSG_FIELD_MAIL_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"rst","code":""},"referenceObject":[{"objectId":${object_Account_Id},"protocolFields":["TSG_FIELD_MAIL_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"rst","code":""},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_Account_Id},"protocolFields":["TSG_FIELD_MAIL_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -33,7 +34,7 @@ SecurityPolicy-Deny-Mail-00001
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${mail} EmailLogin smtp.163.com 25 z1343921421z@163.com QKCEUFAJJRZLJKQE
should contain ${mail} mail_fail
should contain ${mail} fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
@@ -45,34 +46,33 @@ SecurityPolicy-Deny-Mail-00002
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
# #创建对象 Subject
# ${rescodeip} ${object_Subject_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_subject","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明subject"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
# log ${object_Subject_Id}
# ${objectids} set Variable ${object_Subject_Id}
#创建对象 Subject
${rescodeip} ${object_Subject_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_subject","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明subject"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Subject_Id}
${objectids} set Variable ${object_Subject_Id}
#创建对象 Content
${rescode_deny} ${object_Content_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_content","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明content"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Content_id}
${objectids} set Variable ${object_Content_id}
${objectids} set Variable ${object_Subject_Id},${object_Content_id}
#创建对象 Att_name
${rescode_deny} ${object_Att_name_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ATT_Name","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明测试文件"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Att_name_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_Att_name_id}
${objectids} set Variable ${object_Subject_Id},${object_Content_id},${object_Att_name_id}
#创建对象 att_content
${rescode_deny} ${object_att_content_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_content","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明测试文件内容"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_att_content_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_att_content_id}
${objectids} set Variable ${object_Subject_Id},${object_Content_id},${object_Att_name_id},${object_att_content_id}
#创建对象 From
${rescode_deny} ${object_From_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_from","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["z1343921421z@163.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_From_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_From_id}
${objectids} set Variable ${object_Subject_Id},${object_Content_id},${object_Att_name_id},${object_att_content_id},${object_From_id}
#创建对象 to
${rescode_deny} ${object_to_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_to","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["z1789327568z@163.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_to_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_to_id}
${objectids} set Variable ${object_Subject_Id},${object_Content_id},${object_Att_name_id},${object_att_content_id},${object_From_id},${object_to_id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${testClentSubID},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${testClentSubID},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${testClentSubID},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -92,7 +92,7 @@ SecurityPolicy-Deny-Mail-00002
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
should contain ${发送邮件返回结果} fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
@@ -100,17 +100,17 @@ SecurityPolicy-Deny-Mail-00002
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account z1343921421z@163.com
SecurityPolicy-Deny-Mail-00003
[Tags] Deny Subject AloneObject
[Tags] Deny Subject
#创建对象IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
# #创建对象 Subject
# ${rescodeip} ${object_Subject_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_subject","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明subject"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
# log ${object_Subject_Id}
# ${objectids} set Variable ${object_Subject_Id}
#创建对象 Subject
${rescodeip} ${object_Subject_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_subject","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明subject"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Subject_Id}
${objectids} set Variable ${object_Subject_Id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${testClentSubID},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00003","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00003","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -130,7 +130,7 @@ SecurityPolicy-Deny-Mail-00003
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
should contain ${发送邮件返回结果} fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
@@ -148,8 +148,7 @@ SecurityPolicy-Deny-Mail-00004
${objectids} set Variable ${object_Content_id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00004","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00004","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00004","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -169,7 +168,7 @@ SecurityPolicy-Deny-Mail-00004
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
should contain ${发送邮件返回结果} fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
@@ -187,8 +186,7 @@ SecurityPolicy-Deny-Mail-00005
${objectids} set Variable ${object_Att_name_id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00005","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00005","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00005","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -208,7 +206,7 @@ SecurityPolicy-Deny-Mail-00005
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
should contain ${发送邮件返回结果} fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
@@ -226,8 +224,7 @@ SecurityPolicy-Deny-Mail-00006
${objectids} set Variable ${object_att_content_id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00006","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00006","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00006","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -247,7 +244,7 @@ SecurityPolicy-Deny-Mail-00006
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
should contain ${发送邮件返回结果} fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
@@ -265,8 +262,7 @@ SecurityPolicy-Deny-Mail-00007
${objectids} set Variable ${object_From_id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00007","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00007","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00007","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -286,7 +282,7 @@ SecurityPolicy-Deny-Mail-00007
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
should contain ${发送邮件返回结果} fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
@@ -304,8 +300,7 @@ SecurityPolicy-Deny-Mail-00008
${objectids} set Variable ${object_to_id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00008","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00008","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00008","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -325,7 +320,7 @@ SecurityPolicy-Deny-Mail-00008
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
should contain ${发送邮件返回结果} fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证

42
01-TestCase/tsg_adc/api_security/DenySSLTests.robot
View File

@@ -1,14 +1,18 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc tsg_security
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Library OperatingSystem #Test Setup Login #Test Teardown Logout
Resource ../../02-Keyword/tsg-adc/systemcommand.txt
Resource ../../02-Keyword/tsg-bf-api/policyobject.txt
Resource ../../02-Keyword/tsg-bf-api/logvariable.txt
Resource ../../02-Keyword/tsg-bf-api/logschema.txt #Resource log-3.robot
Library custometest
Resource ../../02-Keyword/tsg-ui/StmpHandle2.robot
*** Test Cases ***
SecurityPolicy-Deny-SSL-00001
[Tags] Deny SSL SNI_SAN_CN_Category
#创建对象 IP
#创建对象 IP
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
#log ${object_IP_Id}
#${objectids} set Variable ${object_Subid_Id}
@@ -19,15 +23,14 @@ SecurityPolicy-Deny-SSL-00001
#创建对象 SAN_CAT
${rescode_deny} ${object_SAN_CAT_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_SSL_jd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_SAN_CAT_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SAN_CAT_id}
${objectids} set Variable ${object_SNI_CAT_Id},${object_SAN_CAT_id}
#创建对象 CN_CAT
${rescode_deny} ${object_CN_CAT_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_SSL_jd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CN_CAT_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CN_CAT_id}
${objectids} set Variable ${object_SNI_CAT_Id},${object_SAN_CAT_id},${object_CN_CAT_id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-SSL-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_SNI_CAT_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]},{"objectId":${object_CN_CAT_id},"protocolFields":["TSG_FIELD_SSL_CN"]},{"objectId":${object_SAN_CAT_id},"protocolFields":["TSG_FIELD_SSL_SAN"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-SSL-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_SNI_CAT_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]},{"objectId":${object_CN_CAT_id},"protocolFields":["TSG_FIELD_SSL_CN"]},{"objectId":${object_SAN_CAT_id},"protocolFields":["TSG_FIELD_SSL_SAN"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-SSL-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop"},"referenceObject":[{"objectId":${object_SNI_CAT_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]},{"objectId":${object_CN_CAT_id},"protocolFields":["TSG_FIELD_SSL_CN"]},{"objectId":${object_SAN_CAT_id},"protocolFields":["TSG_FIELD_SSL_SAN"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-SSL-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_SNI_CAT_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]},{"objectId":${object_CN_CAT_id},"protocolFields":["TSG_FIELD_SSL_CN"]},{"objectId":${object_SAN_CAT_id},"protocolFields":["TSG_FIELD_SSL_SAN"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-SSL-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${object_SNI_CAT_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]},{"objectId":${object_CN_CAT_id},"protocolFields":["TSG_FIELD_SSL_CN"]},{"objectId":${object_SAN_CAT_id},"protocolFields":["TSG_FIELD_SSL_SAN"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -47,26 +50,25 @@ SecurityPolicy-Deny-SSL-00001
SecurityPolicy-Deny-SSL-00002
[Tags] Deny Fqdn_SNI_CN_SAN
# #创建对象 Sub
# ${rescode} ${object_Sub_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
# log ${object_Sub_Id}
# ${objectids} set Variable ${object_Sub_Id}
#创建对象 Sub
${rescode} ${object_Sub_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Sub_Id}
${objectids} set Variable ${object_Sub_Id}
#创建对象 SNI_FQDN
${rescodeip} ${object_SNI_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_SSL_sogou","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*ogou.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_SNI_FQDN_Id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SNI_FQDN_Id}
${objectids} set Variable ${object_Sub_Id},${object_SNI_FQDN_Id}
#创建对象 SAN_FQDN
${rescode_deny} ${object_SAN_FQDN_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_SSL_sogou","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*ogou.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_SAN_FQDN_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SAN_FQDN_id}
${objectids} set Variable ${object_Sub_Id},${object_SNI_FQDN_Id},${object_SAN_FQDN_id}
#创建对象 CN_FQDN
${rescode_deny} ${object_CN_FQDN_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_SSL_sogou","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*ogou.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_CN_FQDN_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CN_FQDN_id}
${objectids} set Variable ${object_Sub_Id},${object_SNI_FQDN_Id},${object_SAN_FQDN_id},${object_CN_FQDN_id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-SSL-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Sub_Id},"protocolFields":[]},{"objectId":${object_SNI_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]},{"objectId":${object_CN_FQDN_id},"protocolFields":["TSG_FIELD_SSL_CN"]},{"objectId":${object_SAN_FQDN_id},"protocolFields":["TSG_FIELD_SSL_SAN"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-SSL-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_SNI_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]},{"objectId":${object_CN_FQDN_id},"protocolFields":["TSG_FIELD_SSL_CN"]},{"objectId":${object_SAN_FQDN_id},"protocolFields":["TSG_FIELD_SSL_SAN"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-SSL-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_SNI_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]},{"objectId":${object_CN_FQDN_id},"protocolFields":["TSG_FIELD_SSL_CN"]},{"objectId":${object_SAN_FQDN_id},"protocolFields":["TSG_FIELD_SSL_SAN"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-SSL-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Sub_Id},"protocolFields":[]},{"objectId":${object_SNI_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]},{"objectId":${object_CN_FQDN_id},"protocolFields":["TSG_FIELD_SSL_CN"]},{"objectId":${object_SAN_FQDN_id},"protocolFields":["TSG_FIELD_SSL_SAN"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-SSL-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Sub_Id},"protocolFields":[]},{"objectId":${object_SNI_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]},{"objectId":${object_CN_FQDN_id},"protocolFields":["TSG_FIELD_SSL_CN"]},{"objectId":${object_SAN_FQDN_id},"protocolFields":["TSG_FIELD_SSL_SAN"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
@@ -83,3 +85,5 @@ SecurityPolicy-Deny-SSL-00002
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni xiaozhu

761
01-TestCase/tsg_adc/api_security/Intercept_SSL_Decryption_Tests.robot
View File

@@ -1,761 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/decryption
${profileId} ${EMPTY}
*** Test Cases ***
Intercept_SSL_Decryption-00001
[Tags] intercpt-服务器证书校验开关关闭
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":0,"cert_pinning":0,"cert_transparency":0,"protocol_errors":0,"ev_cert":0,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"fail-close"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*badssl.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL005.bat
... ELSE set variable curl -kv https://wrong.host.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni wrong.host.badssl.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006.bat
... ELSE set variable curl -kv https://untrusted-root.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni untrusted-root.badssl.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL004.bat
... ELSE set variable curl -kv https://self-signed.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni self-signed.badssl.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL003.bat
... ELSE set variable curl -kv https://expired.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni expired.badssl.com
Intercept_SSL_Decryption-00002
[Tags] 拦截intercpt-服务器证书校验打开-failclose
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":0,"cert_pinning":0,"cert_transparency":0,"protocol_errors":0,"ev_cert":0,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*badssl.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL005.bat
... ELSE set variable curl -kv https://wrong.host.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Connection was reset
... ELSE set variable Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni wrong.host.badssl.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006.bat
... ELSE set variable curl -kv https://untrusted-root.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Connection was reset
... ELSE set variable Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni untrusted-root.badssl.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL004.bat
... ELSE set variable curl -kv https://self-signed.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Connection was reset
... ELSE set variable Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni self-signed.badssl.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL003.bat
... ELSE set variable curl -kv https://expired.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Connection was reset
... ELSE set variable Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni expired.badssl.com
Intercept_SSL_Decryption-00003
[Tags] 拦截intercpt-服务器证书校验打开-pass-through
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":0,"cert_pinning":0,"cert_transparency":0,"protocol_errors":0,"ev_cert":0,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"pass-through"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*badssl.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL005.bat
... ELSE set variable curl -kv https://wrong.host.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni wrong.host.badssl.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006.bat
... ELSE set variable curl -kv https://untrusted-root.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni untrusted-root.badssl.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL004.bat
... ELSE set variable curl -kv https://self-signed.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni self-signed.badssl.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL003.bat
... ELSE set variable curl -kv https://expired.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni expired.badssl.com
Intercept_SSL_Decryption-00004
[Tags] intercpt-EV关闭
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":0,"cert_pinning":0,"cert_transparency":0,"protocol_errors":0,"ev_cert":1,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*myssl.com,*myssl.cn
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL003_004.bat
... ELSE set variable curl -kv https://myssl.com
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni myssl.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL005_007.bat
... ELSE set variable curl -kv https://www.myssl.cn
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni myssl.cn
Intercept_SSL_Decryption-00005
[Tags] intercpt-EV开启
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":0,"cert_pinning":0,"cert_transparency":0,"protocol_errors":0,"ev_cert":1,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*myssl.com,*myssl.cn
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL003_004.bat
... ELSE set variable curl -kv https://myssl.com
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni myssl.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL005_007.bat
... ELSE set variable curl -kv https://www.myssl.cn
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni myssl.cn
Intercept_SSL_Decryption-00006
[Tags] 拦截intercpt-CT关闭
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":0,"cert_pinning":0,"cert_transparency":0,"protocol_errors":1,"ev_cert":0,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*vip.com,*jd.com,*mail.ru
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006_008.bat
... ELSE set variable curl -kv https://coll.jd.com/?e=illegalTopic/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni coll.jd.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006_010.bat
... ELSE set variable curl -kv https://www.vip.com
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.vip.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006_007.bat
... ELSE set variable curl -kv https://mail.ru/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni mail.ru
Intercept_SSL_Decryption-00007
[Tags] 拦截intercpt-CT开启
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":0,"cert_pinning":0,"cert_transparency":1,"protocol_errors":1,"ev_cert":0,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*vip.com,*jd.com,*mail.ru
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00007 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006_008.bat
... ELSE set variable curl -kv https://coll.jd.com/?e=illegalTopic/
${stringlist} run keyword if '${systemType}'=='Windows' set variable GlobalSign RSA OV SSL CA 2018
... ELSE set variable GlobalSign RSA OV SSL CA 2018
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni coll.jd.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006_010.bat
... ELSE set variable curl -kv https://www.vip.com
${stringlist} run keyword if '${systemType}'=='Windows' set variable Secure Site Pro CA G2
... ELSE set variable Secure Site Pro CA G2
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.vip.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006_007.bat
... ELSE set variable curl -kv https://mail.ru/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni mail.ru
Intercept_SSL_Decryption-00008
[Tags] 拦截intercpt-MA关闭
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":0,"cert_pinning":0,"cert_transparency":0,"protocol_errors":0,"ev_cert":0,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*badssl.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00008 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL008_9.bat
... ELSE set variable curl -kv https://client.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni client.badssl.com
Intercept_SSL_Decryption-00009
[Tags] 拦截intercpt-MA开启
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":1,"cert_pinning":0,"cert_transparency":0,"protocol_errors":0,"ev_cert":0,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*badssl.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00009 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL008_9.bat
... ELSE set variable curl -kv https://client.badssl.com/
${stringlist} run keyword if '${systemType}'=='Windows' set variable DigiCert SHA2 Secure Server CA
... ELSE set variable DigiCert SHA2 Secure Server CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni client.badssl.com
Intercept_SSL_Decryption-00010
[Tags] 拦截intercpt-协议版本-SSL3
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"ssl3","mirror_client":0,"allow_http2":0}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"fail-close"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*newdaynews.ru,*ya.ru,*yandex.ru
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00010 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL010_10.bat
... ELSE set variable curl -kv https://newdaynews.ru/moskow/665390.html/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Connection was reset
... ELSE set variable Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni newdaynews.ru
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL010_11.bat
... ELSE set variable curl -kv https://ya.ru
${stringlist} run keyword if '${systemType}'=='Windows' set variable Connection was reset
... ELSE set variable Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni ya.ru
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL010_12.bat
... ELSE set variable curl -kv https://yandex.ru
${stringlist} run keyword if '${systemType}'=='Windows' set variable Connection was reset
... ELSE set variable Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni yandex.ru
Intercept_SSL_Decryption-00011
[Tags] 拦截intercpt-协议版本-TLS1.0
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"tls10","max":"tls10","mirror_client":0,"allow_http2":0}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"fail-close"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*newdaynews.ru,*github.com,*jd.com,*mi.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00011 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL010_10.bat
... ELSE set variable curl -kv https://newdaynews.ru/moskow/665390.html/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni newdaynews.ru
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL011_12.bat
... ELSE set variable curl -kv https://github.com
${stringlist} run keyword if '${systemType}'=='Windows' set variable Connection was reset
... ELSE set variable Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni github.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL009.bat
... ELSE set variable curl -kv https:///www.mi.com
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni mi.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006_008.bat
... ELSE set variable curl -kv https://coll.jd.com/?e=illegalTopic/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni coll.jd.com
Intercept_SSL_Decryption-00012
[Tags] 拦截intercpt-协议版本-TLS1.1
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"tls11","max":"tls11","mirror_client":0,"allow_http2":0}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"fail-close"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*newdaynews.ru,*github.com,*jd.com,*mi.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00012 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL010_10.bat
... ELSE set variable curl -kv https://newdaynews.ru/moskow/665390.html/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni newdaynews.ru
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL011_12.bat
... ELSE set variable curl -kv https://github.com
${stringlist} run keyword if '${systemType}'=='Windows' set variable Connection was reset
... ELSE set variable Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni github.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL009.bat
... ELSE set variable curl -kv https:///www.mi.com
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni mi.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006_008.bat
... ELSE set variable curl -kv https://coll.jd.com/?e=illegalTopic/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni coll.jd.com
Intercept_SSL_Decryption-00013
[Tags] 拦截intercpt-协议版本-TLS1.2
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"tls12","max":"tls12","mirror_client":0,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"fail-close"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*jd.com,*taobao.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00013 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006_008.bat
... ELSE set variable curl -kv https://coll.jd.com/?e=illegalTopic/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni coll.jd.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL011.bat
... ELSE set variable curl -kv https://www.taobao.com
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni taobao.com
Intercept_SSL_Decryption-00014
[Tags] 拦截intercpt-协议版本-TLS1.3
Comment 创建Decryption Profile
${dynamic_bypass} set variable "dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0,"trusted_root_cert_is_not_installed_on_client":0}
${protocol_version} set variable "protocol_version":{"min":"tls13","max":"tls13","mirror_client":0,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"fail-close"}
${data} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileId":"","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${response} CreatePolicyFileNoFile ${url} ${data}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*vip.com,*github.com,*halfrost.com,*mi.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00014 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":${profiledId},"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006_010.bat
... ELSE set variable curl -kv https://www.vip.com
${stringlist} run keyword if '${systemType}'=='Windows' set variable Connection was reset
... ELSE set variable Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni vip.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL012.bat
... ELSE set variable curl -kv https://halfrost.com/tls1-3_start/
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni halfrost.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL009.bat
... ELSE set variable curl -kv https:///www.mi.com
${stringlist} run keyword if '${systemType}'=='Windows' set variable Connection was reset
... ELSE set variable Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni mi.com
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL011_12.bat
... ELSE set variable curl -kv https://github.com
${stringlist} run keyword if '${systemType}'=='Windows' set variable Tango Secure Gateway CA
... ELSE set variable Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni github.com

102
01-TestCase/tsg_adc/api_security/InteseptHttpTests.robot
View File

@@ -1,102 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Intesept-Http-00001
[Tags] Intercept http ip+fqdn
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_wenming", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_wenming", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.wenming.cn" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Http-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Http-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[2]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Http-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} set variable curl -I -m 10 -o /dev/null -s -w \%{http_code} http://www.wenming.cn
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${commandreturn} OperatingSystem.Run ${commandstr}
should contain ${commandreturn} 200
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_domain wenming.cn
SecurityPolicy-Intesept-Http-00002
[Tags] Intercept http SUB+CAT
# #创建对象SUB ID
# ${rescode} ${object_SUB_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"subscriberid", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_SUB_ip", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_SUB_ip", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$jwctest" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
# log ${object_SUB_Id}
# #删除对象
# ${objectids} set Variable ${object_SUB_Id}
#创建cat
${rescode} ${object_cat_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_cat_newsgd", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_cat_newsgd", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*newsgd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]}, \ \ \ \ \ \ \ \ {"objectId":${object_cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_cat_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} set variable curl -I -m 10 -o /dev/null -s -w \%{http_code} http://www.newsgd.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${commandreturn} OperatingSystem.Run ${commandstr}
should contain ${commandreturn} 200
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_domain www.newsgd.com
SecurityPolicy-Intesept-Http-00003
[Tags] Intercept http ip+fqdn
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_pl", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_pl", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$poplar.ru" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Http-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Http-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[2]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Http-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} set variable curl -I -m 10 -o /dev/null -s -w \%{http_code} http://poplar.ru/
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${commandreturn} OperatingSystem.Run ${commandstr}
should contain ${commandreturn} 200
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_domain poplar.ru

393
01-TestCase/tsg_adc/api_security/InteseptSSLTests.robot
View File

@@ -1,393 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Intesept-Https-00001
[Tags] Intercept https ip+fqdn
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_youtube", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_youtube", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.youtube.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL001.bat
... ELSE set variable curl -kv https://www.youtube.com
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.youtube.com
SecurityPolicy-Intesept-Https-00002
[Tags] Intercept https SUB+CAT
# #创建对象SUB ID
# ${rescode} ${object_SUB_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"subscriberid", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_SUB_ip", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_SUB_ip", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$jwctest" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
# log ${object_SUB_Id}
# #删除对象
# ${objectids} set Variable ${object_SUB_Id}
#创建cat
${rescodeip} ${object_cat_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_cat_facebook", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_cat_facebook", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*facebook.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, \ \ \ \ \ \ \ \ {"objectId":${testClentSubID}, \ \ \ \ \ \ \ \ "protocolFields":[]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, \ \ \ \ \ \ \ \ {"objectId":${testClentSubID}, \ \ \ \ \ \ \ \ "protocolFields":[null]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, \ \ \ \ \ \ \ \ {"objectId":${testClentSubID}, \ \ \ \ \ \ \ \ "protocolFields":[]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL002.bat
... ELSE set Variable curl -kv https://www.facebook.com
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.facebook.com
SecurityPolicy-Intesept-Https-00003
[Tags] Intercept https Fail-close
#创建cat
${rescodeip} ${object_cat_Id} AddObject \ { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_Fail-close", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_Fail-close", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$client.badssl.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$expired.badssl.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } ,{ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$self-signed.badssl.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ },{ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$untrusted-root.badssl.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ },{ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$wrong.host.badssl.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }\ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"fail-close", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"fail-close", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00003", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"fail-close", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL003.bat
... ELSE set variable curl -kv https://client.badssl.com/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni client.badssl.com
SecurityPolicy-Intesept-Https-00004
[Tags] Intercept https Pass-through
#创建cat
${rescodeip} ${object_cat_Id} AddObject \ { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_Pass-through", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_Pass-through", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$client.badssl.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$expired.badssl.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } ,{ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$self-signed.badssl.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ },{ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$untrusted-root.badssl.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ },{ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$wrong.host.badssl.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }\ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00004", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL004.bat
... ELSE set variable curl -kv https://self-signed.badssl.com/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni self-signed.badssl.com
SecurityPolicy-Intesept-Https-00005
[Tags] Intercept https EV
#创建cat
${rescodeip} ${object_cat_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_EV_myssl", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_EV_myssl", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*myssl.cn" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":1}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":1}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":1}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL005_007.bat
... ELSE set variable curl -kv https://www.myssl.cn/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni myssl.cn
SecurityPolicy-Intesept-Https-00006
[Tags] Intercept https CT
#创建cat
${rescodeip} ${object_cat_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_CT_vip", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_CT_vip", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*vip.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":1, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":1, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00006", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":1, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006_010.bat
... ELSE set variable curl -kv https://www.vip.com/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.vip.com
SecurityPolicy-Intesept-Https-00007
[Tags] Intercept https MA
#创建cat
${rescodeip} ${object_cat_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_MA_myssl", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_MA_myssl", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*myssl.cn" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00007", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL005_007.bat
... ELSE set variable curl -kv https://www.myssl.cn/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni myssl.cn
SecurityPolicy-Intesept-Https-00008
[Tags] Intercept https SSL3.0
#创建cat
${rescodeip} ${object_cat_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_ssl3.0_360", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_ssl3.0_360", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*360.cn" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"ssl3", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"ssl3", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00008", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"ssl3", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL008.bat
... ELSE set variable curl -kv https://360.cn/
${stringlist} Create List ssl3_read_bytes
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni 360.cn
SecurityPolicy-Intesept-Https-00009
[Tags] Intercept https TSL1.0
#创建cat
${rescodeip} ${object_cat_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_TSL1.0_mi", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_TSL1.0_mi", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.mi.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"tls10", \ \ \ \ \ \ \ \ \ "max":"tls10", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"tls10", \ \ \ \ \ \ \ \ \ "max":"tls10", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00009", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"tls10", \ \ \ \ \ \ \ \ \ "max":"tls10", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL009.bat
... ELSE set variable curl -kv https://www.mi.com/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.mi.com
SecurityPolicy-Intesept-Https-00010
[Tags] Intercept https TSL1.1
#创建cat
${rescodeip} ${object_cat_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_TSL1.1_vip", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_TSL1.1_vip", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.vip.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00010", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"tls11", \ \ \ \ \ \ \ \ \ "max":"tls11", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00010", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"tls11", \ \ \ \ \ \ \ \ \ "max":"tls11", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00010", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"tls11", \ \ \ \ \ \ \ \ \ "max":"tls11", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL006_010.bat
... ELSE set variable curl -kv https://www.vip.com/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.vip.com
SecurityPolicy-Intesept-Https-00011
[Tags] Intercept https TSL1.2
#创建cat
${rescodeip} ${object_cat_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_TSL1.2_taobao", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_TSL1.2_taobao", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*taobao.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"tls12", \ \ \ \ \ \ \ \ \ "max":"tls12", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"tls12", \ \ \ \ \ \ \ \ \ "max":"tls12", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00011", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"tls12", \ \ \ \ \ \ \ \ \ "max":"tls12", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL011.bat
... ELSE set variable curl -kv https://www.taobao.com/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.taobao.com
SecurityPolicy-Intesept-Https-00012
[Tags] Intercept https TSL1.3
#创建cat
${rescodeip} ${object_cat_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_TSL1.3_halfrost", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_TSL1.3_halfrost", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*halfrost.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00012", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"tls13", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00012", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"tls13", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00012", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":0, \ \ \ \ \ \ \ \ \ \ "min":"tls13", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":0}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":0, \ \ \ \ "cert_pinning":0,"cert_transparency":0, \ \ \ \ "protocol_errors":0,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":0, \ \ \ \ "expiration":0, \ \ \ \ "cn":0, \ \ \ \ "issuer":0}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL012.bat
... ELSE set variable curl -kv https://halfrost.com/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni halfrost.com
SecurityPolicy-Intesept-Https-00013
[Tags] Intercept https ip+fqdn
#创建fqdn
${rescodeip} ${object_FQDN_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_youtube", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_youtube", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.olx.kz" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_FQDN_Id}
#删除对象
${objectids} set Variable ${object_FQDN_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00013", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00013", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-Intercept-Https-00013", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[3]\ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_Intercept_SSL013.bat
... ELSE set variable curl -kv https://www.olx.kz/uslugi/
${stringlist} Create List Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.olx.kz

71
01-TestCase/tsg_adc/api_security/MonitorDNSTests.robot
View File

@@ -1,71 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-monitor-DNS-00001
[Tags] monitor DNS ip+fqdn
#创建fqdn
${rescodeip} ${object_fqdn_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_jd", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_jd", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.wenming.cn" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*vip.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_fqdn_Id}
#删除对象
${objectids} set Variable ${object_fqdn_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-DNS-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"DNS" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_DNS_QNAME"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-DNS-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"DNS" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_DNS_QNAME"]},{"objectId":${testClentID}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[4] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-DNS-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"DNS" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_FQDN_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_DNS_QNAME"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} set variable nslookup -d www.vip.com
@{stringlist} set variable canonical name = www.vip.com type = AAAA, class = IN
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.vip.com
SecurityPolicy-monitor-DNS-00002
[Tags] monitor DNS ip+cat
#创建cat
${rescodeip} ${object_cat_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_cat_jd", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_cat_jd", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$www.taobao.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-DNS-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"DNS" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_DNS_QNAME"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-DNS-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"DNS" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_DNS_QNAME"]},{"objectId":${testClentID}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] ,"appObjectIdArray":[4] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-DNS-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"DNS" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_DNS_QNAME"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} set variable nslookup -d www.taobao.com
@{stringlist} set variable canonical name = www.taobao.com type = AAAA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#验证日志
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.taobao.com

96
01-TestCase/tsg_adc/api_security/MonitorFTPTests.robot
View File

@@ -1,96 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
Library Custometest
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-monitor-FTP-00001
[Tags] monitor Sub_Account
# #创建对象 Sub
# ${rescode} ${object_Sub_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$jwctest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
# log ${object_Sub_Id}
# ${objectids} set Variable ${object_Sub_Id}
#创建对象 Account
${rescodeip} ${object_Account_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_Account","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["anony*"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Account_Id}
${objectids} set Variable ${object_Account_Id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-FTP-00001","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[]},{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-FTP-00001","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop"},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[null]},{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[6]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-FTP-00001","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","method":"drop"},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[null]},{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${FTP} FTP 登录
should contain ${FTP} ftp_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account anonymous
SecurityPolicy-monitor-FTP-00002
[Tags] monitor URI_Content
#创建对象 URI
${rescodeip} ${object_URI_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"JWC_FTP_URI","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*771.txt"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_URI_Id}
${objectids} set Variable ${object_URI_Id}
#创建对象 Content
${rescode_deny} ${object_Content_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"JWC_FTP_Content","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["accountsservice"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Content_id}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_Content_id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-FTP-00002","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP"},"referenceObject":[{"objectId":${object_URI_Id} ,"protocolFields":["TSG_FIELD_FTP_URI"]},{"objectId":${object_Content_id} ,"protocolFields":["TSG_FIELD_FTP_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-FTP-00002","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_URI_Id} ,"protocolFields":["TSG_FIELD_FTP_URI"]},{"objectId":${object_Content_id} ,"protocolFields":["TSG_FIELD_FTP_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[6]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-FTP-00002","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP"},"referenceObject":[{"objectId":${object_URI_Id} ,"protocolFields":["TSG_FIELD_FTP_URI"]},{"objectId":${object_Content_id} ,"protocolFields":["TSG_FIELD_FTP_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${FTP} FTP 下载
should contain ${FTP} ftp_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://202.38.97.230/pub/iso/linux/knoppix/KNOPPIX_V7.7.1DVD-2016-10-22-EN/dpkg-l-dvd-771.txt
SecurityPolicy-monitor-FTP-00003
[Tags] monitor Sub_Account
#创建对象 Account
${rescodeip} ${object_Account_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"JWC_Account","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["anony*"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Account_Id}
${objectids} set Variable ${object_Account_Id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-FTP-00003","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP","keyring":1},"referenceObject":[{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-FTP-00003","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[6]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-FTP-00003","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"FTP"},"referenceObject":[{"objectId":${object_Account_Id} ,"protocolFields":["TSG_FIELD_FTP_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${FTP} FTP 登录
should contain ${FTP} ftp_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account anonymous

103
01-TestCase/tsg_adc/api_security/MonitorHttpTests.robot
View File

@@ -1,103 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-monitor-Http-00001
[Tags] monitor http ip+cat+User-Agent+Content-Type+url
#创建cat
${rescodeip} ${object_cat_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_cat_zm", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_cat_zm", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*ziroom.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_cat_Id}
#删除对象
${objectids} set Variable ${object_cat_Id}
#创建url
${rescode} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_zm", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_zm", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "ziroom" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_url_Id}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建请求头
${rescode} ${object_User_Agent_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_UA","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_User_Agent_Id}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_User_Agent_Id}
#创建应答头
${rescode} ${object_Content-Type_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CT","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_Content-Type_Id}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_Content-Type_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-http-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_User_Agent_Id},"protocolFields": ["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_Content-Type_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-http-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_User_Agent_Id},"protocolFields": ["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_Content-Type_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-http-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_User_Agent_Id},"protocolFields": ["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_Content-Type_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
#${commandstr} set variable curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://www.ziroom.com/life/index \ \ | iconv -f utf-8 -t gbk
${commandstr} run keyword if '${systemType}'=='Windows' set variable curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://www.ziroom.com/life/index \ \ | iconv -f utf-8 -t gbk
... ELSE set variable curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://www.ziroom.com/life/index
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${commandreturn} OperatingSystem.Run ${commandstr}
should contain ${commandreturn} 全屋智能美家
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_domain www.ziroom.com
SecurityPolicy-monitor-Http-00002
[Tags] monitor http SUB+cat+set-cookie+url
#创建fqdn
${rescodeip} ${object_fqdn_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_ziroom", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_ziroom", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*zhu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_fqdn_Id}
#删除对象
${objectids} set Variable ${object_fqdn_Id}
#创建url
${rescode} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "www.xiaozhu*" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${object_url_Id}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
#创建请求头
${rescode} ${object_sk_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_sk","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*domain=.xiaozhu.com"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_sk_Id}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_sk_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_fqdn_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_SUB_Id}, \ \ \ \ \ \ \ \ "protocolFields":[]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_sk_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_fqdn_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${testClentSubID}, \ \ \ \ \ \ \ \ "protocolFields":[null]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_sk_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] } \
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_fqdn_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${testClentSubID}, \ \ \ \ \ \ \ \ "protocolFields":[]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_sk_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
#${commandstr} set variable curl --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' \ http://www.xiaozhu.com \ \ | iconv -f utf-8 -t gbk
${commandstr} run keyword if '${systemType}'=='Windows' set variable curl --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' \ http://www.xiaozhu.com \ \ | iconv -f utf-8 -t gbk
... ELSE set variable curl --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' http://www.xiaozhu.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${commandreturn} SystemCommand ${commandstr}
should contain ${commandreturn} 200
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_domain www.xiaozhu.com

215
01-TestCase/tsg_adc/api_security/MonitorMailTests.robot
View File

@@ -1,215 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
Library Custometest
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-monitor-mail-00001
[Tags] monitor URI_Content
#创建对象 Account
${rescodeip} ${object_Account_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_account","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["z1343921421z@163.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Account_Id}
${objectids} set Variable ${object_Account_Id}
#创建策略
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-Mail-00001","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL"},"referenceObject":[{"objectId":${object_Account_Id},"protocolFields":["TSG_FIELD_MAIL_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-Mail-00001","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Account_Id},"protocolFields":["TSG_FIELD_MAIL_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-Mail-00001","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL"},"referenceObject":[{"objectId":${object_Account_Id},"protocolFields":["TSG_FIELD_MAIL_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${mail} EmailLogin smtp.163.com 25 z1343921421z@163.com VIAVUYPIEJRDQDBN
should contain ${mail} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account z1343921421z@163.com
SecurityPolicy-monitor-mail-00002
[Tags] monitor to
#创建对象 to
${rescode_deny} ${object_to_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_to","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["z1789327568z@163.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_to_id}
${objectids} set Variable ${object_to_id}
#创建策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-Mail-00002","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-Mail-00002","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL"},"referenceObject":[{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${Smtp服务器} Set Variable smtp.163.com
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable z1343921421z@163.com
${邮箱密码} Set Variable VIAVUYPIEJRDQDBN
${邮件主题} Set Variable 姬巍川subject
${发送者} Set Variable z1343921421z@163.com
${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
${接收者} Set Variable ["z1789327568z@163.com"]
${抄送者} Set Variable ["z1789327568z@163.com"]
${密送者} Set Variable ["z1789327568z@163.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account z1343921421z@163.com
SecurityPolicy-monitor-Mail-00003
[Tags] monitor From
#创建对象 From
${rescode_deny} ${object_From_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_from","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["z1343921421z@163.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_From_id}
${objectids} set Variable ${object_From_id}
#创建策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-Mail-00003","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-Mail-00003","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL"},"referenceObject":[{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${Smtp服务器} Set Variable smtp.163.com
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable z1343921421z@163.com
${邮箱密码} Set Variable VIAVUYPIEJRDQDBN
${邮件主题} Set Variable 姬巍川subject
${发送者} Set Variable z1343921421z@163.com
${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
${接收者} Set Variable ["z1789327568z@163.com"]
${抄送者} Set Variable ["z1789327568z@163.com"]
${密送者} Set Variable ["z1789327568z@163.com"]
${邮件正文} Set Variable 姬巍川content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account z1343921421z@163.com
SecurityPolicy-monitor-Mail-00004
[Tags] monitor Att_content
#创建对象 att_content
${rescode_deny} ${object_att_content_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_content","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["姬巍川测试文件内容"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_att_content_id}
${objectids} set Variable ${object_att_content_id}
#创建策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-Mail-00004","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-Mail-00004","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL"},"referenceObject":[{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${Smtp服务器} Set Variable smtp.163.com
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable z1343921421z@163.com
${邮箱密码} Set Variable VIAVUYPIEJRDQDBN
${邮件主题} Set Variable 姬巍川subject
${发送者} Set Variable z1343921421z@163.com
${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
${接收者} Set Variable ["z1789327568z@163.com"]
${抄送者} Set Variable ["z1789327568z@163.com"]
${密送者} Set Variable ["z1789327568z@163.com"]
${邮件正文} Set Variable 姬巍川content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account z1343921421z@163.com
SecurityPolicy-monitor-Mail-00005
[Tags] monitor Content
#创建对象 Content
${rescode_deny} ${object_Content_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_content","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["姬巍川content"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
log ${object_Content_id}
${objectids} set Variable ${object_Content_id}
#创建策略
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-Mail-00005","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-Mail-00005","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL"},"referenceObject":[{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${Smtp服务器} Set Variable smtp.163.com
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable z1343921421z@163.com
${邮箱密码} Set Variable VIAVUYPIEJRDQDBN
${邮件主题} Set Variable 姬巍川subject
${发送者} Set Variable z1343921421z@163.com
${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
${接收者} Set Variable ["z1789327568z@163.com"]
${抄送者} Set Variable ["z1789327568z@163.com"]
${密送者} Set Variable ["z1789327568z@163.com"]
${邮件正文} Set Variable 姬巍川content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account z1343921421z@163.com
SecurityPolicy-monitor-Mail-00006
[Tags] monitor Subject
# #创建对象 Subject
# ${rescodeip} ${object_Subject_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_subject","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["姬巍川subject"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
# log ${object_Subject_Id}
# ${objectids} set Variable ${object_Subject_Id}
#创建策略
#${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-Mail-00006","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${testClentSubID},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-monitor-Mail-00006","policyType":"tsg_security","action":"monitor","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}}
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
${policyIds} Create List ${policyId1}
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
${Smtp服务器} Set Variable smtp.163.com
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable z1343921421z@163.com
${邮箱密码} Set Variable VIAVUYPIEJRDQDBN
${邮件主题} Set Variable 姬巍川subject
${发送者} Set Variable z1343921421z@163.com
${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
${接收者} Set Variable ["z1789327568z@163.com"]
${抄送者} Set Variable ["z1789327568z@163.com"]
${密送者} Set Variable ["z1789327568z@163.com"]
${邮件正文} Set Variable 姬巍川content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId2}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account z1343921421z@163.com

98
01-TestCase/tsg_adc/api_security/MonitorSSLTests.robot
View File

@@ -1,98 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-monitor-SSL-00001
[Tags] monitor ssl ip+cat
#创建SNI_CAT
${rescodeip} ${object_sni_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_SSL_yhd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_sni_Id}
#删除对象
${objectids} set Variable ${object_sni_Id}
#创建SAN_CAT
${rescodeip} ${object_san_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_SSL_yhd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_san_Id}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_san_Id}
#创建对象 CN_CAT
${rescodeip} ${object_cn_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_SSL_yhd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_cn_Id}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_cn_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-SSL-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_sni_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, {"objectId":${object_san_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SAN"]},{"objectId":${object_cn_Id}, \ \ \ \ \ \ \ \ "protocolFields":[ "TSG_FIELD_SSL_CN"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-SSL-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_sni_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, {"objectId":${object_san_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SAN"]},{"objectId":${object_cn_Id}, \ \ \ \ \ \ \ \ "protocolFields":[ "TSG_FIELD_SSL_CN"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-SSL-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_sni_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, {"objectId":${object_san_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SAN"]},{"objectId":${object_cn_Id}, \ \ \ \ \ \ \ \ "protocolFields":[ "TSG_FIELD_SSL_CN"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_monitor_ssl001.bat
... ELSE set variable curl -kv https://www.jd.com
@{stringlist} set variable 正品低价 html
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.jd.com
SecurityPolicy-monitor-SSL-00002
[Tags] monitor ssl SUB+fqdn
# #创建对象SUB
# ${rescode} ${object_SUB_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"subscriberid", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_SUB_ip", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_SUB_ip", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$jwctest" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] } \
# log ${object_SUB_Id}
# #删除对象
# ${objectids} set Variable ${object_SUB_Id}
#创建SNI_CAT
${rescodeip} ${object_sni_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_SSL_yhd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_sni_Id}
#删除对象
${objectids} set Variable ${object_sni_Id}
#创建SAN_CAT
${rescodeip} ${object_san_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_SSL_yhd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_san_Id}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_san_Id}
#创建对象 CN_CAT
${rescodeip} ${object_cn_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_SSL_yhd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
log ${object_cn_Id}
#删除对象
${objectids} Catenate SEPARATOR=, ${objectids} ${object_cn_Id}
#创建策略
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-SSL-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_sni_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, {"objectId":${object_san_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SAN"]},{"objectId":${object_cn_Id}, \ \ \ \ \ \ \ \ "protocolFields":[ "TSG_FIELD_SSL_CN"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-SSL-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_sni_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, {"objectId":${object_san_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SAN"]},{"objectId":${object_cn_Id}, \ \ \ \ \ \ \ \ "protocolFields":[ "TSG_FIELD_SSL_CN"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-SSL-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_sni_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, {"objectId":${object_san_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SAN"]},{"objectId":${object_cn_Id}, \ \ \ \ \ \ \ \ "protocolFields":[ "TSG_FIELD_SSL_CN"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#功能端验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_monitor_ssl002.bat
... ELSE set variable curl -kv https://www.yhd.com
@{stringlist} set variable 货到付款 text
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.yhd.com

196
01-TestCase/tsg_adc/multi_step/MultiStepDenyAllTests.robot
View File

@@ -1,196 +0,0 @@
*** Settings ***
Test Teardown DeleteAfterCase ${policyIds} ${objectids}
Force Tags tsg_adc tsg_security selfserver
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/PolicyObjectDefault.txt
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
Resource ../../../03-Variable/AllFlowCaseVariable.txt
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Library Custometest
Library json
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/responsepages
${profiledId} ${EMPTY}
${dict} ${None}
${caseName} SecurityPolicy-Deny-AllProtol-00001
*** Keywords ***
create-object-policy
[Arguments] @{flag}
Comment 创建目标IP
${objectDict} Create Dictionary
... objectType=IP
... isValid=1
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_IPobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc}
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} Run Keyword If '${testPart}'=='all' set Variable ${objectId}
Comment 创建安全策略针对所有协议相当于BlackIP
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=tsg_security
... policyDesc=${Default_PolicyDesc}
... action=deny
... effectiveRange=${Default_EffectiveRange}
... userRegion=${Default_UserRegion}
... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR
... isValid=${Default_IsValid}
... appObjectIdArray=2,3,4,5,6
... userTags=${Default_UserTags}
... doLog=2
... scheduleId=${Default_ScheduleId}
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${policyIds} Run Keyword If '${testPart}'=='all' Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
# 区分执行方式
${value} Run Keyword If ${flag}==[] insert_policyId_to_file ${caseName} ${policyId} ${objectids}
... ELSE Create Dictionary policyId=${policyId} objectId=${objectids}
Set Test Variable ${dict} ${value}
function-test
Run Keyword If '${testPart}'=='all' Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/${caseName}_HTTP.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime_http} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Run Keyword If '${testPart}'=='all' Sleep ${policyLogVerificationSleepSeconds}s
${endtime_http} Get Time
#日志验证
#GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 功能端验证SSL验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/${caseName}_SSL.bat
... ELSE set variable curl -kv https://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
#OpenSSL SSL_connect: Connection was reset in connection to
#Send failure: Connection was reset
... ELSE Create List OpenSSL SSL_connect: Connection reset by peer in connection to
${starttime_ssl} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Run Keyword If '${testPart}'=='all' Sleep ${policyLogVerificationSleepSeconds}s
${endtime_ssl} Get Time
#日志验证
#GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com
Comment 功能端验证DNS验证
Comment 功能端验证MAIL验证
#${mail} EmailLogin mail.tsgmail.com 25 dongxiaoyan@mail.tsgmail.com dxy123
${starttime_mail} Get Time
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable dongxiaoyan@mail.tsgmail.com
${邮箱密码} Set Variable dxy123
${邮件主题} Set Variable что- иностранныеsuject
${发送者} Set Variable dongxiaoyan@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["jwctest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["lyftest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明contentчто-иностранныеsuject
${mail} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
should contain ${mail} mail_fail
Run Keyword If '${testPart}'=='all' Sleep ${policyLogVerificationSleepSeconds}s
${endtime_mail} Get Time
#日志验证
#GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_protocol_type SMTP
Comment 功能端验证FTP验证
${starttime_ftp} Get Time
${ftpLogin} FTP_login ftp://192.168.100.5:21 -u"ftp_user:qazXSW@edc" test.txt
should contain ${ftpLogin} ftp_fail
#日志验证
#GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ''
Run Keyword If '${testPart}'=='all' Sleep ${policyLogVerificationSleepSeconds}s
${endtime_ftp} Get Time
${endtime} Get Time
# 区分执行方式
Run Keyword If ${dict}==${None} insert_time_to_file ${caseName} ${starttime} ${endtime}
... ELSE Run Keyword Set To Dictionary ${dict} ${starttime} ${endtime}
log-test
# 日志验证
${obj} Run Keyword If ${dict}==${None} json.Loads ${caseName}
... ELSE Set Variable ${dict}
${policyId} Set Variable ${obj}[policyId]
${s} Convert to String ${policyId}
${objectids} Run Keyword If '${testPart}'!='all' set Variable ${obj}[objectids]
${policyIds} Run Keyword If '${testPart}'!='all' Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
#日志验证
GetLogList security_event_log ${starttime_http} ${endtime_http} ${testClentIP} ${s} http_host open.node.com
${obj}[starttime] ${obj}[endtime]
Comment 功能端验证SSL验证
#日志验证
GetLogList security_event_log ${starttime_ssl} ${endtime_ssl} ${testClentIP} ${s} ssl_sni open.node.com
Comment 功能端验证DNS验证
Comment 功能端验证MAIL验证
#日志验证
GetLogList security_event_log ${starttime_mail} ${endtime_mail} ${testClentIP} ${s} mail_protocol_type SMTP
Comment 功能端验证FTP验证
#日志验证
GetLogList security_event_log ${starttime_ftp} ${endtime_ftp} ${testClentIP} ${s} ftp_account ''
log-test_bak
# 日志验证
${obj} Run Keyword If ${dict}==${None} json.Loads ${caseName}
... ELSE Set Variable ${dict}
${policyId} Set Variable ${obj}[policyId]
${s} Convert to String ${policyId}
${objectids} Run Keyword If '${testPart}'!='all' set Variable ${obj}[objectids]
${policyIds} Run Keyword If '${testPart}'!='all' Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
#日志验证
#GetLogList security_event_log ${starttime_http} ${endtime_http} ${testClentIP} ${s} http_host open.node.com
GetLogList security_event_log ${obj}[starttime_http] ${obj}[endtime_http] ${testClentIP} ${s} http_host open.node.com
${obj}[starttime] ${obj}[endtime]
Comment 功能端验证SSL验证
#日志验证
#GetLogList security_event_log ${starttime_ssl} ${endtime_ssl} ${testClentIP} ${s} ssl_sni open.node.com
GetLogList security_event_log ${obj}[starttime_ssl} ${obj}[endtime_ssl} ${testClentIP} ${s} ssl_sni open.node.com
Comment 功能端验证DNS验证
Comment 功能端验证MAIL验证
#日志验证
#GetLogList security_event_log ${starttime_mail} ${endtime_mail} ${testClentIP} ${s} mail_protocol_type SMTP
GetLogList security_event_log ${obj}[starttime_mail} ${obj}[endtime_mail} ${testClentIP} ${s} mail_protocol_type SMTP
Comment 功能端验证FTP验证
#日志验证
#GetLogList security_event_log ${starttime_ftp} ${endtime_ftp} ${testClentIP} ${s} ftp_account ''
GetLogList security_event_log ${obj}[starttime_ftp} ${obj}[endtime_ftp} ${testClentIP} ${s} ftp_account ''
*** Test Cases ***
MultiSecurityPolicy-Deny-AllProtol-00001
[Tags] securitypolciy deny allprotol multistep
#${caseName} set variable SecurityPolicy-Deny-AllProtol-00001
Run Keyword If '${testPart}'=='all' Run Keywords create-object-policy True
... AND function-test
... AND log-test
... ELSE IF ${testPart}==1 Run Keyword create-object-policy
... ELSE IF ${testPart}==2 Run Keyword function-test
... ELSE IF ${testPart}==3 Run Keyword log-test
#{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"rst"},"referenceObject":[{"objectId":6926,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":6943,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]}],"isValid":0,"scheduleId":[],"appObjectIdArray":[2,3,4,5,6]}}

0
01-TestCase/tsg_adc/selfserver/Api_Proxy/.gitkeep
View File

815
01-TestCase/tsg_adc/selfserver/Api_Proxy/Allow_Http_Tests.robot
View File

@@ -1,815 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Allow-Http-00001
[Tags] selfserver ip
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv \ http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00002
[Tags] selfserver ip+fqdn完整匹配
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00003
[Tags] selfserver ip+cat右匹配
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*action
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Response
... ELSE Create List Response
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/tengrinews/tengrinews.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Allow-HTTP-0001.bat
... ELSE set variable curl \ http://open.node.com/test/tengrinews/tengrinews.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List экономике
... ELSE Create List экономике
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Response
... ELSE Create List Response
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00008
[Tags] selfserver ip+请求头右匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00009
[Tags] selfserver ip+请求头字串匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00010
[Tags] selfserver ip+请求头完整匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00011
[Tags] selfserver ip+请求头左匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00012
[Tags] selfserver ip+cookie字串匹配
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List switch=kazakh
... ELSE Create List switch=kazakh
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00013
[Tags] selfserver ip+应答头右匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00014
[Tags] selfserver ip+应答头字串匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00015
[Tags] selfserver ip+应答头完整匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=utf-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat
... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List switch=kazakh
... ELSE Create List switch=kazakh
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00016
[Tags] selfserver ip+应答头左匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat
... ELSE set variable curl -kv \ http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List AhbmRDASY7NuOZD9cFMgQihZ
... ELSE Create List AhbmRDASY7NuOZD9cFMgQihZ
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00017
[Tags] selfserver ip+set-cookie右匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00018
[Tags] selfserver ip+set-cookie字串匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00019
[Tags] selfserver ip+set-cookie完整匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Body
... ELSE Create List Body
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00020
[Tags] selfserver ip+set-cookie左匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00021
[Tags] selfserver 最大组合
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00023.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Body
... ELSE Create List Body
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Http-00022
[Tags] selfserver 修改
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

814
01-TestCase/tsg_adc/selfserver/Api_Proxy/Allow_Ssl_Tests.robot
View File

@@ -1,814 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Allow-Ssl-00001
[Tags] selfserver ip
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00002
[Tags] selfserver ip+fqdn完整匹配
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA \ \ \ \ Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00003
[Tags] selfserver ip+cat右匹配
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*action
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Response Body Tango Secure Gateway CA
... ELSE Create List Response Body Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List twitter Tango Secure Gateway CA
... ELSE Create List twitter Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 Tango Secure Gateway CA
... ELSE Create List 字节跳动 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Response Body Tango Secure Gateway CA
... ELSE Create List Response Body Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00008
[Tags] selfserver ip+请求头右匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00009
[Tags] selfserver ip+请求头字串匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00010
[Tags] selfserver ip+请求头完整匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00011
[Tags] selfserver ip+请求头左匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00012
[Tags] selfserver ip+cookie字串匹配
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List switch=kazakh Tango Secure Gateway CA
... ELSE Create List switch=kazakh Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00013
[Tags] selfserver ip+应答头右匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"method":"allow","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00014
[Tags] selfserver ip+应答头字串匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00015
[Tags] selfserver ip+应答头完整匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 Tango Secure Gateway CA
... ELSE Create List 字节跳动 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00016
[Tags] selfserver ip+应答头左匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List twitter Tango Secure Gateway CA
... ELSE Create List twitter Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00017
[Tags] selfserver ip+set-cookie右匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00018
[Tags] selfserver ip+set-cookie字串匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00019
[Tags] selfserver ip+set-cookie完整匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List test Tango Secure Gateway CA
... ELSE Create List test Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00020
[Tags] selfserver ip+set-cookie左匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00021
[Tags] selfserver 最大组合
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-SSL-00023.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Response Body Tango Secure Gateway CA
... ELSE Create List Response Body Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Allow-Ssl-00022
[Tags] selfserver 修改
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_url_Id}|TSG_FIELD_HTTP_URL,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List twitter Tango Secure Gateway CA
... ELSE Create List twitter Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Allow-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

964
01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot
View File

@@ -1,964 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/responsepages
${profiledId} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Deny-Http-00001
[Tags] selfserver ip
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"test","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List test
... ELSE Create List test
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00002
[Tags] selfserver ip+fqdn完整匹配
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好,五一
... ELSE Create List 你好,五一
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00003
[Tags] selfserver ip+cat右匹配
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List виде
... ELSE Create List виде
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat
... ELSE set variable curl http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List виде
... ELSE Create List виде
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建引用文件
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00008
[Tags] selfserver ip+请求头右匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00009
[Tags] selfserver ip+请求头字串匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00010
[Tags] selfserver ip+请求头完整匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List виде
... ELSE Create List виде
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00011
[Tags] selfserver ip+请求头左匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建引用文件
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00012
[Tags] selfserver ip+cookie字串匹配
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"zxcvbnm","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat
... ELSE set variable curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm
... ELSE Create List zxcvbnm
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00013
[Tags] selfserver ip+应答头右匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天
... ELSE Create List 你好明天
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00014
[Tags] selfserver ip+应答头字串匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00015
[Tags] selfserver ip+应答头完整匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty
... ELSE Create List qwerty
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00016
[Tags] selfserver ip+应答头左匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat \
... ELSE set variable curl http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 123456
... ELSE Create List 123456
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00017
[Tags] selfserver ip+set-cookie右匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat
... ELSE set variable curl http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天
... ELSE Create List 你好明天
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00018
[Tags] selfserver ip+set-cookie字串匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat
... ELSE set variable curl http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00019
[Tags] selfserver ip+set-cookie完整匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=yyyyy" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty
... ELSE Create List qwerty
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00020
[Tags] selfserver ip+set-cookie左匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat
... ELSE set variable curl http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List 123456
... ELSE Create List 123456
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00021
[Tags] selfserver ip+请求体字串匹配
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00022
[Tags] selfserver ip+应答体字串匹配
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response Body
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00023
[Tags] selfserver 最大组合
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=酒店式公寓
${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00023 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00023.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00024
[Tags] selfserver 修改
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${object_yd_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_yd_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00024 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00024 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_yd_Id}|TSG_FIELD_HTTP_RES_HDR policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat
... ELSE set variable curl http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00025
[Tags] selfserver ip+请求体and关系
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=ctes&t123
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00025 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0024.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00026
[Tags] selfserver ip+请求体或更新
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test,qazx
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00026 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0024.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00027
[Tags] selfserver ip+应答体and关系
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response& Body
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00027 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Http-00028
[Tags] selfserver ip+应答体或关系
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response,12345
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00028 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

963
01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot
View File

@@ -1,963 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/responsepages
${profiledId} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Deny-Ssl-00001
[Tags] selfserver ip
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"test","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List test Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List test Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00002
[Tags] selfserver ip+fqdn完整匹配
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好,五一 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 你好,五一 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00003
[Tags] selfserver ip+cat右匹配
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List виде Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List виде Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建引用文件
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00008
[Tags] selfserver ip+请求头右匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00009
[Tags] selfserver ip+请求头字串匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00010
[Tags] selfserver ip+请求头完整匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List виде Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00011
[Tags] selfserver ip+请求头左匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
#创建引用文件
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00012
[Tags] selfserver ip+cookie字串匹配
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"zxcvbnm","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List zxcvbnm Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00013
[Tags] selfserver ip+应答头右匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00014
[Tags] selfserver ip+应答头字串匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00015
[Tags] selfserver ip+应答头完整匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List qwerty Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00016
[Tags] selfserver ip+应答头左匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 123456 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00017
[Tags] selfserver ip+set-cookie右匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00018
[Tags] selfserver ip+set-cookie字串匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00019
[Tags] selfserver ip+set-cookie完整匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-ssl-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List qwerty Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00020
[Tags] selfserver ip+set-cookie左匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 123456 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00021
[Tags] selfserver ip+请求体字串匹配
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset Tango Secure Gateway CA
... ELSE Create List Connection reset by peer Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00022
[Tags] selfserver ip+应答体字串匹配
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response Body
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-ssl-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset Tango Secure Gateway CA
... ELSE Create List Connection reset by peer Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00023
[Tags] selfserver 最大组合
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*bytedance.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=字节跳动
${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00023 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00023.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com/test/bytedance/bytedance.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset Tango Secure Gateway CA
... ELSE Create List Connection reset by peer Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00024
[Tags] selfserver 修改
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*bytedance.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00024 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好,五一 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 你好,五一 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00024 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"QAZWSX星期天песни","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_url_Id}|TSG_FIELD_HTTP_URL policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List QAZWSX星期天 песни Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List QAZWSX星期天 песни Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00025
[Tags] selfserver ip+请求体and关系
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=ctes&t123
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00025 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-SSL-0024.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset Tango Secure Gateway CA
... ELSE Create List Connection reset by peer Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00026
[Tags] selfserver ip+请求体或关系
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test,你好明天
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00026 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-SSL-0024.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset Tango Secure Gateway CA
... ELSE Create List Connection reset by peer Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00027
[Tags] selfserver ip+应答体and关系
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response& Body
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-ssl-00027 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset Tango Secure Gateway CA
... ELSE Create List Connection reset by peer Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Deny-Ssl-00028
[Tags] selfserver ip+应答体或关系
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response,你好明天
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-ssl-00028 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset Tango Secure Gateway CA
... ELSE Create List Connection reset by peer Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

887
01-TestCase/tsg_adc/selfserver/Api_Proxy/Hijack_Http_Tests.robot
View File

@@ -1,887 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/hijackfiles
${profiledId} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Hijack-Http-00001
[Tags] selfserver ip+url
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test.apk hijack {"isValid":1,"contentType":"application/vnd.android.package-archive","opAction":"add","profileName":"test1","contentName":"Create-Hijack Files-test.apk","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 6b72:f91d:6f81:bfcd:5b0f:e81d:f827:e075
... ELSE Create List 6b72:f91d:6f81:bfcd:5b0f:e81d:f827:e075
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00002
[Tags] selfserver ip+fqdn完整匹配+url
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动
... ELSE Create List 控制小蛇在地图范围内移动
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00003
[Tags] selfserver ip+cat右匹配+url
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac
... ELSE Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动
... ELSE Create List 控制小蛇在地图范围内移动
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat
... ELSE set variable curl -kv \ http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List bFiles-test-5.png
... ELSE Create List bFiles-test-5.png
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List test-4.jpeg
... ELSE Create List test-4.jpeg
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List test-2.gif
... ELSE Create List test-2.gif
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00008
[Tags] selfserver ip+请求头右匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动
... ELSE Create List 控制小蛇在地图范围内移动
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00009
[Tags] selfserver ip+请求头字串匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动
... ELSE Create List 控制小蛇在地图范围内移动
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00010
[Tags] selfserver ip+请求头完整匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动
... ELSE Create List 控制小蛇在地图范围内移动
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00011
[Tags] selfserver ip+请求头左匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac
... ELSE Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00012
[Tags] selfserver ip+cookie字串匹配+url
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List bFiles-test-5.png
... ELSE Create List bFiles-test-5.png
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00013
[Tags] selfserver ip+应答头右匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List test-4.jpeg
... ELSE Create List test-4.jpeg
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00014
[Tags] selfserver ip+应答头字串匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List test-2.gif
... ELSE Create List test-2.gif
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00015
[Tags] selfserver ip+应答头完整匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动
... ELSE Create List 控制小蛇在地图范围内移动
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00016
[Tags] selfserver ip+应答头左匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat \
... ELSE set variable curl http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动
... ELSE Create List 控制小蛇在地图范围内移动
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00017
[Tags] selfserver ip+set-cookie右匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat
... ELSE set variable curl http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动
... ELSE Create List 控制小蛇在地图范围内移动
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00018
[Tags] selfserver ip+set-cookie字串匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List bFiles-test-5.png
... ELSE Create List bFiles-test-5.png
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00019
[Tags] selfserver ip+set-cookie完整匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=yyyyy" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List test-4.jpeg
... ELSE Create List test-4.jpeg
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00020
[Tags] selfserver ip+set-cookie左匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List test-2.gif
... ELSE Create List test-2.gif
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00021
[Tags] selfserver 最大组合
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00023.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动
... ELSE Create List 控制小蛇在地图范围内移动
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Http-00022
[Tags] selfserver 修改
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${object_ck_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_ck_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac
... ELSE Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_ck_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac
... ELSE Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

883
01-TestCase/tsg_adc/selfserver/Api_Proxy/Hijack_Ssl_Tests.robot
View File

@@ -1,883 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/hijackfiles
${profiledId} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Hijack-Ssl-00001
[Tags] selfserver ip+url
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test.apk hijack {"isValid":1,"contentType":"application/vnd.android.package-archive","opAction":"add","profileName":"test1","contentName":"Create-Hijack Files-test.apk","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 6b72:f91d:6f81:bfcd:5b0f:e81d:f827:e075 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 6b72:f91d:6f81:bfcd:5b0f:e81d:f827:e075 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00002
[Tags] selfserver ip+fqdn完整匹配+url
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By \ \ Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00003
[Tags] selfserver ip+cat右匹配+url
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*action
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List test-1.exe Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List test-1.exe Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List bFiles-test-5.png Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List bFiles-test-5.png Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List test-4.jpeg Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List test-4.jpeg Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List test-2.gif Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List test-2.gif Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00008
[Tags] selfserver ip+请求头右匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List 控制小蛇在地图范围内移动 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00009
[Tags] selfserver ip+请求头字串匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List 控制小蛇在地图范围内移动 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00010
[Tags] selfserver ip+请求头完整匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List 控制小蛇在地图范围内移动 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00011
[Tags] selfserver ip+请求头左匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List test-1.exe X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List test-1.exe X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00012
[Tags] selfserver ip+cookie字串匹配+url
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List bFiles-test-5.png Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List bFiles-test-5.png Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00013
[Tags] selfserver ip+应答头右匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List test-4.jpeg Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List test-4.jpeg Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00014
[Tags] selfserver ip+应答头字串匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List test-2.gif Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List test-2.gif Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00015
[Tags] selfserver ip+应答头完整匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00016
[Tags] selfserver ip+应答头左匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00017
[Tags] selfserver ip+set-cookie右匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00018
[Tags] selfserver ip+set-cookie字串匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List bFiles-test-5.png Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List bFiles-test-5.png Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00019
[Tags] selfserver ip+set-cookie完整匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List test-4.jpeg Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List test-4.jpeg Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00020
[Tags] selfserver ip+set-cookie左匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List test-2.gif Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List test-2.gif Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00021
[Tags] selfserver 最大组合
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-SSL-00023.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List 控制小蛇在地图范围内移动 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Hijack-Ssl-00022
[Tags] selfserver 修改
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 控制小蛇在地图范围内移动 Tango Secure Gateway CA X-TG-Construct-By
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

883
01-TestCase/tsg_adc/selfserver/Api_Proxy/Insert_Http_Tests.robot
View File

@@ -1,883 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/insertscripts
${profiledId} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Insert-Http-00001
[Tags] selfserver ip+url
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*node.com/
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00002
[Tags] selfserver ip+fqdn完整匹配+url
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*node.com/
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00003
[Tags] selfserver ip+cat右匹配+url
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*node.com/
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*node.com/
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00008
[Tags] selfserver ip+请求头右匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00009
[Tags] selfserver ip+请求头字串匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00010
[Tags] selfserver ip+请求头完整匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00011
[Tags] selfserver ip+请求头左匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00012
[Tags] selfserver ip+cookie字串匹配+url
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-insert-HTTP-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00013
[Tags] selfserver ip+应答头右匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00014
[Tags] selfserver ip+应答头字串匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00015
[Tags] selfserver ip+应答头完整匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html;charset=UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00016
[Tags] selfserver ip+应答头左匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00017
[Tags] selfserver ip+set-cookie右匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00018
[Tags] selfserver ip+set-cookie字串匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00019
[Tags] selfserver ip+set-cookie完整匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00020
[Tags] selfserver ip+set-cookie左匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00021
[Tags] selfserver 最大组合
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00023.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Http-00022
[Tags] selfserver 修改
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${object_sk_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_sk_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-insert-HTTP-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_sk_Id}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!")
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

882
01-TestCase/tsg_adc/selfserver/Api_Proxy/Insert_Ssl_Tests.robot
View File

@@ -1,882 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/insertscripts
${profiledId} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Insert-Ssl-00001
[Tags] selfserver ip+url
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*node.com/
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00002
[Tags] selfserver ip+fqdn完整匹配+url
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*node.com/
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA \ \ \ Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00003
[Tags] selfserver ip+cat右匹配+url
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*node.com/
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*node.com/
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00008
[Tags] selfserver ip+请求头右匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00009
[Tags] selfserver ip+请求头字串匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00010
[Tags] selfserver ip+请求头完整匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00011
[Tags] selfserver ip+请求头左匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00012
[Tags] selfserver ip+cookie字串匹配+url
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-insert-SSL-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00013
[Tags] selfserver ip+应答头右匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00014
[Tags] selfserver ip+应答头字串匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00015
[Tags] selfserver ip+应答头完整匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html;charset=UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00016
[Tags] selfserver ip+应答头左匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00017
[Tags] selfserver ip+set-cookie右匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00018
[Tags] selfserver ip+set-cookie字串匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00019
[Tags] selfserver ip+set-cookie完整匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" \ POST -d "reqBody=test&setCookie=12345678&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00020
[Tags] selfserver ip+set-cookie左匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00021
[Tags] selfserver 最大组合
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-SSL-00023.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" \ POST -d "reqBody=test&setCookie=12345678&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Insert-Ssl-00022
[Tags] selfserver 修改
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建insert文件
${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-Insert Scripts-test-1.js insert
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Insert-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List type="text/javascript" class="RQ_SCRIPT">alert("执行javascript!") X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

942
01-TestCase/tsg_adc/selfserver/Api_Proxy/Monitor_Http_Tests.robot
View File

@@ -1,942 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Monitor-Http-00001
[Tags] selfserver ip
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00002
[Tags] selfserver ip+fqdn完整匹配
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00003
[Tags] selfserver ip+cat右匹配
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat
... ELSE set variable curl http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List AhbmRDASY
... ELSE Create List AhbmRDASY
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/tengrinews/tengrinews.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Allow-HTTP-0001.bat
... ELSE set variable curl \ http://open.node.com/test/tengrinews/tengrinews.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List экономике
... ELSE Create List экономике
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00008
[Tags] selfserver ip+请求头右匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00009
[Tags] selfserver ip+请求头字串匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00010
[Tags] selfserver ip+请求头完整匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00011
[Tags] selfserver ip+请求头左匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00012
[Tags] selfserver ip+cookie字串匹配
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat
... ELSE set variable curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List switch=kazakh
... ELSE Create List switch=kazakh
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00013
[Tags] selfserver ip+应答头右匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00014
[Tags] selfserver ip+应答头字串匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00015
[Tags] selfserver ip+应答头完整匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List switch=kazakh
... ELSE Create List switch=kazakh
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00016
[Tags] selfserver ip+应答头左匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat \
... ELSE set variable curl http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List AhbmRDASY
... ELSE Create List AhbmRDASY
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00017
[Tags] selfserver ip+set-cookie右匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat
... ELSE set variable curl http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00018
[Tags] selfserver ip+set-cookie字串匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat
... ELSE set variable curl http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00019
[Tags] selfserver ip+set-cookie完整匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Body
... ELSE Create List Body
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00020
[Tags] selfserver ip+set-cookie左匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat
... ELSE set variable curl http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00021
[Tags] selfserver ip+请求体字串匹配
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List test
... ELSE Create List test
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00022
[Tags] selfserver ip+应答体字串匹配
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response Body
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Response
... ELSE Create List Response
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00023
[Tags] selfserver 最大组合
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=酒店式公寓
${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00023 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00023.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 手机号
... ELSE Create List 手机号
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00024
[Tags] selfserver 修改
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00024 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00024 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00025
[Tags] selfserver ip+请求体and关系
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=ctes&t123
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00025 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0024.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List jwctest
... ELSE Create List jwctest
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00026
[Tags] selfserver ip+请求体或更新
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test,qazx
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00026 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0024.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List jwctest
... ELSE Create List jwctest
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00027
[Tags] selfserver ip+应答体and关系
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response& Body
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00027 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Response Body
... ELSE Create List Response Body
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Http-00028
[Tags] selfserver ip+应答体或关系
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response,你好明天
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00028 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Response Body
... ELSE Create List Response Body
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

910
01-TestCase/tsg_adc/selfserver/Api_Proxy/Monitor_Ssl_Tests.robot
View File

@@ -1,910 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Monitor-Ssl-00001
[Tags] selfserver ip
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00002
[Tags] selfserver ip+fqdn完整匹配
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00003
[Tags] selfserver ip+cat右匹配
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List twitter Tango Secure Gateway CA
... ELSE Create List twitter Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 Tango Secure Gateway CA
... ELSE Create List 字节跳动 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00008
[Tags] selfserver ip+请求头右匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00009
[Tags] selfserver ip+请求头字串匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00010
[Tags] selfserver ip+请求头完整匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00011
[Tags] selfserver ip+请求头左匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00012
[Tags] selfserver ip+cookie字串匹配
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List switch=kazakh Tango Secure Gateway CA
... ELSE Create List switch=kazakh Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00013
[Tags] selfserver ip+应答头右匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00014
[Tags] selfserver ip+应答头字串匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00015
[Tags] selfserver ip+应答头完整匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 Tango Secure Gateway CA
... ELSE Create List 字节跳动 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00016
[Tags] selfserver ip+应答头左匹配
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List twitter Tango Secure Gateway CA
... ELSE Create List twitter Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00017
[Tags] selfserver ip+set-cookie右匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00018
[Tags] selfserver ip+set-cookie字串匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List c Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00019
[Tags] selfserver ip+set-cookie完整匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-ssl-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List test Tango Secure Gateway CA
... ELSE Create List test Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00020
[Tags] selfserver ip+set-cookie左匹配
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00021
[Tags] selfserver ip+请求体字串匹配
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-SSL-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Response Tango Secure Gateway CA
... ELSE Create List Response Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00022
[Tags] selfserver ip+应答体字串匹配
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response Body
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-ssl-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List test Tango Secure Gateway CA
... ELSE Create List test Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00023
[Tags] selfserver 最大组合
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*bytedance.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=字节跳动
${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00023 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00023.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com/test/bytedance/bytedance.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 Tango Secure Gateway CA
... ELSE Create List 字节跳动 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00024
[Tags] selfserver 修改
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00024 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 Tango Secure Gateway CA
... ELSE Create List 发送POST请求 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-Ssl-00024 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_url_Id}|TSG_FIELD_HTTP_RES_HDR policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List трейлеры Tango Secure Gateway CA
... ELSE Create List трейлеры Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00026
[Tags] selfserver ip+请求体或关系
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test,你好明天
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-SSL-00026 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-SSL-0024.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List jwctest Tango Secure Gateway CA
... ELSE Create List jwctest Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00027
[Tags] selfserver ip+应答体and关系
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response& Body
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-ssl-00027 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Response Body Tango Secure Gateway CA
... ELSE Create List Response Body Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Monitor-Ssl-00028
[Tags] selfserver ip+应答体或关系
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response,你好明天
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Monitor-ssl-00028 policyType=pxy_manipulation policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"method":"monitor","protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Response Body Tango Secure Gateway CA
... ELSE Create List Response Body Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

922
01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Http_Tests.robot
View File

@@ -1,922 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Redirect-Http-00001
[Tags] selfserver ip+url
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.ziroom.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv \ http://open.node.com/test/xiaozhu/xiaozhu.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.ziroom.com/ 301 X-TG-Construct-By
... ELSE Create List http://www.ziroom.com/ 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00002
[Tags] selfserver ip+fqdn完整匹配+url
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yhd.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yhd.com 302 X-TG-Construct-By
... ELSE Create List https://www.yhd.com 302 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00003
[Tags] selfserver ip+cat右匹配+url
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.toutiao.com/ch/news_hot/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.toutiao.com/ch/news_hot/ 301 X-TG-Construct-By
... ELSE Create List https://www.toutiao.com/ch/news_hot/ 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://bbs.tianya.cn/list-lookout-1.shtml","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://bbs.tianya.cn/list-lookout-1.shtml 301 X-TG-Construct-By
... ELSE Create List http://bbs.tianya.cn/list-lookout-1.shtml 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://kefu.ctrip.com/index","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat
... ELSE set variable curl -kv http://open.node.com/test/youtube/youtube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://kefu.ctrip.com/index 301 X-TG-Construct-By
... ELSE Create List https://kefu.ctrip.com/index 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.booking.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat
... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.booking.com/ 302 X-TG-Construct-By
... ELSE Create List https://www.booking.com/ 302 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.eastmoney.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.eastmoney.com/ 301 X-TG-Construct-By
... ELSE Create List https://www.eastmoney.com/ 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00008
[Tags] selfserver ip+请求头右匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.iqiyi.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.iqiyi.com/ 301 X-TG-Construct-By
... ELSE Create List https://www.iqiyi.com/ 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00009
[Tags] selfserver ip+请求头字串匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://chaoshi.tmall.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://chaoshi.tmall.com/ 302 X-TG-Construct-By
... ELSE Create List https://chaoshi.tmall.com/ 302 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00010
[Tags] selfserver ip+请求头完整匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://military.china.com/zh_cn/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://military.china.com/zh_cn/ 301 X-TG-Construct-By
... ELSE Create List http://military.china.com/zh_cn/ 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00011
[Tags] selfserver ip+请求头左匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.tiexue.net/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.tiexue.net/ 302 X-TG-Construct-By
... ELSE Create List http://www.tiexue.net/ 302 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00012
[Tags] selfserver ip+cookie字串匹配+url
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.douyu.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.douyu.com/ 301 X-TG-Construct-By
... ELSE Create List https://www.douyu.com/ 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00013
[Tags] selfserver ip+应答头右匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.fang.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.fang.com/ 301 X-TG-Construct-By
... ELSE Create List https://www.fang.com/ 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00014
[Tags] selfserver ip+应答头字串匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID=","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID= 302 X-TG-Construct-By
... ELSE Create List https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID= 302 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00015
[Tags] selfserver ip+应答头完整匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://stock.stockstar.com/gem/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat
... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://stock.stockstar.com/gem/ 302 X-TG-Construct-By
... ELSE Create List http://stock.stockstar.com/gem/ 302 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00016
[Tags] selfserver ip+应答头左匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.kugou.com/yy/html/rank.html","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat
... ELSE set variable curl -kv \ http://open.node.com/test/youtube/youtube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.kugou.com/yy/html/rank.html 301 X-TG-Construct-By
... ELSE Create List https://www.kugou.com/yy/html/rank.html 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00017
[Tags] selfserver ip+set-cookie右匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yy.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yy.com/ 301 X-TG-Construct-By
... ELSE Create List https://www.yy.com/ 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00018
[Tags] selfserver ip+set-cookie字串匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.xiaohongshu.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.xiaohongshu.com/ 302 X-TG-Construct-By
... ELSE Create List https://www.xiaohongshu.com/ 302 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00019
[Tags] selfserver ip+set-cookie完整匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.zhihu.com/signin?next=%2F","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.zhihu.com/signin?next=%2F 301 X-TG-Construct-By
... ELSE Create List https://www.zhihu.com/signin?next=%2F 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00020
[Tags] selfserver ip+set-cookie左匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.pcauto.com.cn/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.pcauto.com.cn/ 302 X-TG-Construct-By
... ELSE Create List https://www.pcauto.com.cn/ 302 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00021
[Tags] selfserver ip+请求体字串匹配+url
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.cmbchina.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body"-kv http://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.cmbchina.com/ 301 X-TG-Construct-By
... ELSE Create List http://www.cmbchina.com/ 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00022
[Tags] selfserver 最大组合
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test
${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yhd.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_REQ_CONTENT,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00023.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yhd.com 301 X-TG-Construct-By
... ELSE Create List https://www.yhd.com 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00023
[Tags] selfserver 修改
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type
${rescode} ${object_yd_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_yd_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00023 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.ziroom.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv \ http://open.node.com/test/xiaozhu/xiaozhu.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.ziroom.com/ 301 X-TG-Construct-By
... ELSE Create List http://www.ziroom.com/ 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00023 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.icbc.com.cn/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL,${object_yd_Id}|TSG_FIELD_HTTP_RES_HDR policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv \ http://open.node.com/test/xiaozhu/xiaozhu.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.icbc.com.cn/ 301 X-TG-Construct-By
... ELSE Create List http://www.icbc.com.cn/ 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00024
[Tags] selfserver ip+请求体and关系+url
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=jwcte&st12
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.cmbchina.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0024.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.cmbchina.com/ 301 X-TG-Construct-By
... ELSE Create List http://www.cmbchina.com/ 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Http-00025
[Tags] selfserver ip+请求体或关系+url
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test,yyyyy
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.cmbchina.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0024.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.cmbchina.com/ 301 X-TG-Construct-By
... ELSE Create List http://www.cmbchina.com/ 301 X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

926
01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot
View File

@@ -1,926 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Redirect-Ssl-00001
[Tags] selfserver ip+url
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.ziroom.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.ziroom.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List http://www.ziroom.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00002
[Tags] selfserver ip+fqdn完整匹配+url
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yhd.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yhd.com 302 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.yhd.com 302 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00003
[Tags] selfserver ip+cat右匹配+url
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.toutiao.com/ch/news_hot/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.toutiao.com/ch/news_hot/ 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.toutiao.com/ch/news_hot/ 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://bbs.tianya.cn/list-lookout-1.shtml","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://bbs.tianya.cn/list-lookout-1.shtml 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List http://bbs.tianya.cn/list-lookout-1.shtml 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://kefu.ctrip.com/index","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://kefu.ctrip.com/index 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://kefu.ctrip.com/index 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.booking.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.booking.com/ 302 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.booking.com/ 302 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.eastmoney.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.eastmoney.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.eastmoney.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00008
[Tags] selfserver ip+请求头右匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.iqiyi.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.iqiyi.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.iqiyi.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00009
[Tags] selfserver ip+请求头字串匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://chaoshi.tmall.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://chaoshi.tmall.com/ 302 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://chaoshi.tmall.com/ 302 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00010
[Tags] selfserver ip+请求头完整匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://military.china.com/zh_cn/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://military.china.com/zh_cn/ 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List http://military.china.com/zh_cn/ 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00011
[Tags] selfserver ip+请求头左匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.tiexue.net/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.tiexue.net/ 302 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List http://www.tiexue.net/ 302 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00012
[Tags] selfserver ip+cookie字串匹配+url
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.douyu.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.douyu.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.douyu.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00013
[Tags] selfserver ip+应答头右匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.fang.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.fang.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.fang.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00014
[Tags] selfserver ip+应答头字串匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID=","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID= 302 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID= 302 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00015
[Tags] selfserver ip+应答头完整匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://stock.stockstar.com/gem/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://stock.stockstar.com/gem/ 302 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List http://stock.stockstar.com/gem/ 302 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00016
[Tags] selfserver ip+应答头左匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.kugou.com/yy/html/rank.html","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.kugou.com/yy/html/rank.html 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.kugou.com/yy/html/rank.html 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00017
[Tags] selfserver ip+set-cookie右匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yy.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yy.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.yy.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00018
[Tags] selfserver ip+set-cookie字串匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.xiaohongshu.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.xiaohongshu.com/ 302 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.xiaohongshu.com/ 302 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00019
[Tags] selfserver ip+set-cookie完整匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.zhihu.com/signin?next=%2F","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.zhihu.com/signin?next=%2F 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.zhihu.com/signin?next=%2F 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00020
[Tags] selfserver ip+set-cookie左匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.pcauto.com.cn/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.pcauto.com.cn/ 302 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.pcauto.com.cn/ 302 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00021
[Tags] selfserver ip+请求体字串匹配+url
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.cmbchina.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.cmbchina.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List http://www.cmbchina.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00022
[Tags] selfserver 最大组合
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test
${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yhd.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_REQ_CONTENT,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-SSL-00023.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yhd.com 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.yhd.com 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00023
[Tags] selfserver 修改
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_cat_Id}
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00023 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.douyu.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.douyu.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.douyu.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00023 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.sojson.com","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.sojson.com 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List https://www.sojson.com 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00024
[Tags] selfserver ip+请求体and关系+url
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=jwct&est123
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00024 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.cmbchina.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-SSL-0024.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.cmbchina.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List http://www.cmbchina.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Redirect-Ssl-00025
[Tags] selfserver ip+请求体或关系+url
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=jwct,est123
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00025 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.cmbchina.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-SSL-0024.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.cmbchina.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List http://www.cmbchina.com/ 301 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

816
01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot
View File

@@ -1,816 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Replace-Http-00001
[Tags] selfserver ip+url
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv \ http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json
... ELSE Create List text/json
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00002
[Tags] selfserver ip+fqdn完整匹配+url
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_uri","find":"xiaozhu/xiaozhu.html","replace_with":"nationalbank/nationalbank.html"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00003
[Tags] selfserver ip+cat右匹配+url
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*action
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"test","replace_with":"12345678"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List 12345678
... ELSE Create List 12345678
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"酒店式公寓","replace_with":"онлайнвхорошемкачествеслюбыхустройст"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List онлайнвхорошемкачествеслюбыхустройст
... ELSE Create List онлайнвхорошемкачествеслюбыхустройст
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"酒店式公寓","replace_with":"Newsgd.com is the premier online source of Guangdong news and information"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Newsgd.com is the premier online source of Guangdong news and information
... ELSE Create List Newsgd.com is the premier online source of Guangdong news and information
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat
... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json
... ELSE Create List text/json
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"test","replace_with":"nhwy"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List nhwy
... ELSE Create List nhwy
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00008
[Tags] selfserver ip+请求头右匹配
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_header","find":"Mozilla/5.0","replace_with":"1234"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List open.node.com X-TG-Construct-By
... ELSE Create List open.node.com X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00009
[Tags] selfserver ip+请求头字串匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json
... ELSE Create List text/json
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00010
[Tags] selfserver ip+请求头完整匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"发送GET请求"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送GET请求
... ELSE Create List 发送GET请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00011
[Tags] selfserver ip+请求头左匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json
... ELSE Create List text/json
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00012
[Tags] selfserver ip+cookie字串匹配+url
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json
... ELSE Create List text/json
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00013
[Tags] selfserver ip+应答头右匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"酒店式公寓","replace_with":"Technology"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Technology
... ELSE Create List Technology
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00014
[Tags] selfserver ip+应答头字串匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"酒店式公寓","replace_with":"你好五一"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat
... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好五一
... ELSE Create List 你好五一
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00015
[Tags] selfserver ip+应答头完整匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=utf-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat
... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json
... ELSE Create List text/json
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00016
[Tags] selfserver ip+应答头左匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat
... ELSE set variable curl -kv \ http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json
... ELSE Create List text/json
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00017
[Tags] selfserver ip+set-cookie右匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json
... ELSE Create List text/json
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00018
[Tags] selfserver ip+set-cookie字串匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"发送GET请求"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送GET请求
... ELSE Create List 发送GET请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00019
[Tags] selfserver ip+set-cookie完整匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"test","replace_with":"zxcvbnm"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm
... ELSE Create List zxcvbnm
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00020
[Tags] selfserver ip+set-cookie左匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json
... ELSE Create List text/json
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00021
[Tags] selfserver 最大组合
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"test","replace_with":"zxcvbnm"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00023.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm
... ELSE Create List zxcvbnm
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Http-00022
[Tags] selfserver 修改
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${object_sk_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_sk_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat
... ELSE set variable curl -kv \ http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json
... ELSE Create List text/json
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"лайн"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_url_Id}|TSG_FIELD_HTTP_URL,${object_sk_Id}|TSG_FIELD_HTTP_RES_HDR policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List лайн
... ELSE Create List лайн
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

815
01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Ssl_Tests.robot
View File

@@ -1,815 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc proxy_policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
ProxyPolicy-Replace-Ssl-00001
[Tags] selfserver ip+url
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00002
[Tags] selfserver ip+fqdn完整匹配+url
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_uri","find":"rutube/rutube.html","replace_with":"bytedance/bytedance.html"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 字节跳动 Tango Secure Gateway CA \ \ \ Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00003
[Tags] selfserver ip+cat右匹配+url
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*action
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"test","replace_with":"12345678"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 12345678 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 12345678 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00004
[Tags] selfserver ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"видео","replace_with":"酒店式公寓"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 酒店式公寓 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00005
[Tags] selfserver ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"twitter","replace_with":"Newsgd.com is the premier online source of Guangdong news and information"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Newsgd.com is the premier online source of Guangdong news and information Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List Newsgd.com is the premier online source of Guangdong news and information Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00006
[Tags] selfserver ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00007
[Tags] selfserver ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"test","replace_with":"nhwy"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List nhwy Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List nhwy Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00008
[Tags] selfserver ip+请求头右匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_header","find":"Mozilla/5.0","replace_with":"1234"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List open.node.com X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List open.node.com X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00009
[Tags] selfserver ip+请求头字串匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List text/json X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00010
[Tags] selfserver ip+请求头完整匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"发送GET请求"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送GET请求 X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List 发送GET请求 X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00011
[Tags] selfserver ip+请求头左匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List text/json X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00012
[Tags] selfserver ip+cookie字串匹配+url
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00013
[Tags] selfserver ip+应答头右匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"видео","replace_with":"онлайнвхорошемкачествеслюбыхустройст"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List онлайнвхорошемкачествеслюбыхустройст Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List онлайнвхорошемкачествеслюбыхустройст Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00014
[Tags] selfserver ip+应答头字串匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"видео","replace_with":"你好五一"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好五一 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 你好五一 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00015
[Tags] selfserver ip+应答头完整匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00016
[Tags] selfserver ip+应答头左匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00017
[Tags] selfserver ip+set-cookie右匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00018
[Tags] selfserver ip+set-cookie字串匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"发送GET请求"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送GET请求 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 发送GET请求 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00019
[Tags] selfserver ip+set-cookie完整匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"test","replace_with":"zxcvbnm"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List zxcvbnm Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00020
[Tags] selfserver ip+set-cookie左匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
@{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00021
[Tags] selfserver 最大组合
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"test","replace_with":"zxcvbnm"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-SSL-00023.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action
@{stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm X-TG-Construct-By Tango Secure Gateway CA
... ELSE Create List zxcvbnm X-TG-Construct-By Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
ProxyPolicy-Replace-Ssl-00022
[Tags] selfserver 修改
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"видео","replace_with":"酒店式公寓"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 酒店式公寓 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"你好明天"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR policyId=${policyId3}
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By
... ELSE Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

0
01-TestCase/tsg_adc/selfserver/Api_Security/.gitkeep
View File

35
01-TestCase/tsg_adc/selfserver/Api_Security/Allow_DNS_Tests.robot
View File

@@ -1,35 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Library Custometest
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Allow-DNS-00001
[Tags] selfserver monitor dns
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "DNS"} isValid=${1} appObjectIdArray=4
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.yhd.com
... ELSE set variable nslookup -d www.yhd.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name = www.yhd.com
... ELSE Create List canonical name = www.yhd.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} common_sled_ip 192.168.40.161

32
01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Ftp_Tests.robot
View File

@@ -1,32 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Library Custometest
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Allow-Ftp-00001
[Tags] selfserver monitor ftp
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"FTP"} isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} common_server_ip 192.168.100.5

126
01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot
View File

@@ -1,126 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Allow-Http-00001
[Tags] Selfserver Allow Http Ip
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Allow-Http-00002
[Tags] Selfserver Allow Http Ip+Cat右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat
... ELSE set variable curl http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员
... ELSE Create List 关闭播放器
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Allow-Http-00003
[Tags] Selfserver Allow Http Ip+Fqdn完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Allow-Http-00004
[Tags] Selfserver Allow Http Ip+Fqdn完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

45
01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Mail_Tests.robot
View File

@@ -1,45 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
Library Custometest
Resource ../../../../02-Keyword/tsg_common/StmpHandle.robot
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Allow-Mail-00001
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"MAIL"} isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 123test
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com

97
01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot
View File

@@ -1,97 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Allow-SSL-00001
[Tags] Selfserver Allow Ssl Ip
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List видео
... ELSE Create List рутуб
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Allow-SSL-00002
[Tags] Selfserver Allow Ssl Ip+Cat完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Twitter
... ELSE Create List 新鲜事一网打尽
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Allow-SSL-00003
[Tags] Selfserver Allow Ssl Ip+Fqdn右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动
... ELSE Create List 字节跳动
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

265
01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot
View File

@@ -1,265 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Deny-DNS-00001
[Tags] selfserver dns deny ip+fqdn右匹配
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*yhd.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "DNS","method":"drop"} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.yhd.com
... ELSE set variable nslookup \ www.yhd.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 超时
... ELSE Create List canonical name = www.yhd.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname yhd.com
SecurityPolicy-Deny-DNS-00002
[Tags] selfserver Ip+cat完整匹配 dns deny
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.toutiao.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.vip.com","ttl":{"min":300,"max":300}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_cat_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.toutiao.com
... ELSE set variable nslookup -debug -query=A \ www.toutiao.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name = www.vip.com
... ELSE Create List canonical name = www.vip.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname toutiao.com
SecurityPolicy-Deny-DNS-00003
[Tags] dns deny selfserver 多Ip+fqdn网站匹配
Comment 创建第二个源IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.18|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.douban.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"CNAME","value":"www.taobao.com","ttl":{"min":350,"max":350}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME,${objectId}|TSG_SECURITY_SOURCE_ADDR
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.douban.com
... ELSE set variable nslookup -debug -query=AAAA \ www.douban.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name = www.taobao.com
... ELSE Create List canonical name = www.taobao.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.douban.com
SecurityPolicy-Deny-DNS-00004
[Tags] selfserver Ip+cat完整匹配 dns deny
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.mgtv.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":400,"max":400}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_cat_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.mgtv.com
... ELSE set variable nslookup -debug -query=A \ www.mgtv.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 192.168.50.18
... ELSE Create List 192.168.50.18
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.mgtv.com
SecurityPolicy-Deny-DNS-00005
[Tags] selfserver dns deny ip+fqdn右匹配
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*suning.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.suning.com
... ELSE set variable nslookup -debug -query=AAAA \ www.suning.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List fc00::2:66
... ELSE Create List fc00::2:66
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.suning.com
SecurityPolicy-Deny-DNS-00006
[Tags] selfserver dns deny Ip+fqdn+cat
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*suning.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.mgtv.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.mgtv.com
... ELSE set variable nslookup -debug -query=AAAA \ www.mgtv.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List fc00::2:66
... ELSE Create List fc00::2:66
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.mgtv.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":400,"max":400}}]}]} referenceObject=${object_cat_Id}|TSG_FIELD_DNS_QNAME isValid=${1} appObjectIdArray=4 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.suning.com
... ELSE set variable nslookup -debug -query=A \ www.suning.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 192.168.50.18
... ELSE Create List 192.168.50.18
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.suning.com
SecurityPolicy-Deny-DNS-00007
[Tags] selfserver dns deny ip+fqdn右匹配
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*suning.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.zhihu.com","ttl":{"min":300,"max":300}}],"qtype":"AAAA"}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.suning.com
... ELSE set variable nslookup -debug -query=AAAA www.suning.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List fc00::2:66 www.zhihu.com ttl = 300
... ELSE Create List fc00::2:66 www.zhihu.com ttl = 300
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.suning.com
SecurityPolicy-Deny-DNS-00008
[Tags] selfserver dns deny ip+fqdn完整匹配
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.zealer.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":500,"max":500}},{"atype":"CNAME","value":"www.bilibili.com","ttl":{"min":500,"max":500}}],"qtype":"A"}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.zealer.com
... ELSE set variable nslookup -debug -query=A \ www.zealer.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 192.168.50.18 www.bilibili.com ttl = 500
... ELSE Create List 192.168.50.18 www.bilibili.com ttl = 500
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname zealer.com
SecurityPolicy-Deny-DNS-00009
[Tags] selfserver dns deny ip+fqdn完整匹配
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.douyu.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}},{"atype":"CNAME","value":"www.booking.com","ttl":{"min":500,"max":500}}],"qtype":"AAAA"},{"qtype":"A","answer":[{"atype":"CNAME","value":"www.tuniu.com","ttl":{"min":500,"max":500}},{"atype":"A","value":"192.168.50.18","ttl":{"min":500,"max":500}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.douyu.com
... ELSE set variable nslookup -debug -query=A www.douyu.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 192.168.50.18 www.tuniu.com ttl = 500 www.booking.com fc00::2:66
... ELSE Create List 192.168.50.18 www.tuniu.com ttl = 500
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.douyu.com
... ELSE set variable nslookup -debug -query=AAAA www.douyu.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 192.168.50.18 www.tuniu.com ttl = 500 www.booking.com fc00::2:66
... ELSE Create List ttl = 500 www.booking.com fc00::2:66
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.douyu.com

345
01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot
View File

@@ -1,345 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Library Custometest
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Deny-Ftp-00001
[Tags] selfserver deny ftp account子串匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
SecurityPolicy-Deny-Ftp-00002
[Tags] selfserver deny ftp account右匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
SecurityPolicy-Deny-Ftp-00003
[Tags] selfserver deny ftp account完整匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$ftp_user
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
SecurityPolicy-Deny-Ftp-00004
[Tags] selfserver deny ftp account左匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_u*
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
SecurityPolicy-Deny-Ftp-00005
[Tags] selfserver deny ftp url子串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=168.100
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00006
[Tags] selfserver deny ftp url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*t.txt
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00007
[Tags] selfserver deny ftp url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$ftp://192.168.100.5/test.txt
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00008
[Tags] selfserver deny ftp url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=ftp://192.168.100*
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00009
[Tags] selfserver deny ftp content子串匹配
Comment 创建content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=中文test
${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00010
[Tags] selfserver deny ftp content右匹配
Comment 创建content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*test.txt
${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00010 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00011
[Tags] selfserver deny ftp content完整匹配
Comment 创建content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=$中文test.txt
${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00012
[Tags] selfserver deny ftp content左匹配
Comment 创建content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=中文te*
${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00012 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00013
[Tags] selfserver deny ftp 多ip+修改
Comment 创建第二个源IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.10|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_Account_Id}
Comment 创建content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=中文te*
${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT,${objectId}|TSG_SECURITY_SOURCE_ADDR isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_SOURCE_ADDR,${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
SecurityPolicy-Deny-Ftp-00014
[Tags] selfserver deny ftp 最大组合
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=168.100
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_url_Id}
Comment 创建content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=中文test
${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT,${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt

1498
01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot
View File

File diff suppressed because it is too large Load Diff

747
01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot
View File

@@ -1,747 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
Library Custometest
Resource ../../../../02-Keyword/tsg_common/StmpHandle.robot
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Deny-Mail-00001
[Tags] selfserver subject右匹配 mail deny
Comment 创建Subject
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*test
${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Subject_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 123test
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00002
[Tags] selfserver subject完整匹配 mail deny
Comment 创建Subject
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=$你好明天
${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Subject_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 你好明天
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00003
[Tags] selfserver subject字串匹配 mail deny
Comment 创建Subject
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо
${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Subject_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable Простопорно
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00004
[Tags] selfserver subject左匹配 mail deny
Comment 创建Subject
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=zxcv*
${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Subject_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable zxcvbnm
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00005
[Tags] selfserver content字串匹配 mail deny
Comment 创建Content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо
${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 123123132
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable Простопорно
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00006
[Tags] selfserver deny att_cont字串匹配 mail
Comment 创建ATT_CONT
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо
${rescode} ${object_ATT_CONT_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_ATT_CONT_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable Простопорно
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00007
[Tags] selfserver deny from右匹配 mail
Comment 创建From
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com
${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_From_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 123test
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00008
[Tags] selfserver deny from完整匹配 mail
Comment 创建From
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com
${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_From_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 你好明天
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00009
[Tags] selfserver deny from字串匹配 mail
Comment 创建From
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=tsgmail
${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_From_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable Простопорно
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00010
[Tags] selfserver deny from左匹配 mail
Comment 创建From
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwct*
${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_From_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00010 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable zxcvbnm
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00011
[Tags] selfserver deny to右匹配 mail
Comment 创建To
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com
${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_To_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 123test
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00012
[Tags] selfserver mali deny to完整匹配
Comment 创建To
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$zmmtest@mail.tsgmail.com
${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_To_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00012 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 你好明天
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00013
[Tags] selfserver mali deny to字串匹配
Comment 创建To
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmtes
${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_To_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable Простопорно
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["tsgtest@mail.tsgmail.com"]
${密送者} Set Variable ["yyqtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00014
[Tags] selfserver mali deny to左匹配
Comment 创建To
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmt*
${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_To_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable zxcvbnm
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00015
[Tags] selfserver mali deny account右匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*ail.com
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 123test
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00016
[Tags] selfserver mali deny account完整匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 你好明天
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00017
[Tags] selfserver mali deny account字串匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwcte
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00017 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable Простопорно
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00018
[Tags] selfserver mali deny account左匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwctest*
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00018 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable zxcvbnm
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00019
[Tags] selfserver mali deny 最大组合
Comment 创建Subject
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*vbnm
${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Subject_Id}
Comment 创建Content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=content
${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_Content_Id}
Comment 创建ATT_CONT
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо
${rescode} ${object_ATT_CONT_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_ATT_CONT_Id}
Comment 创建From
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=il.com
${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_From_Id}
Comment 创建To
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmtes
${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_To_Id}
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwctest*
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00019 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT,${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT,${object_Content_Id}|TSG_FIELD_MAIL_CONTENT,${object_From_Id}|TSG_FIELD_MAIL_FROM,${object_To_Id}|TSG_FIELD_MAIL_TO,${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable zxcvbnm
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Deny-Mail-00020
[Tags] selfserver mali deny 多ip+修改
Comment 创建第二个源IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.10|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwctest*
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_Account_Id}
Comment 创建Subject
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*cvbnm
${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_Subject_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00020 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT,${objectId}|TSG_SECURITY_SOURCE_ADDR isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable zxcvbnm
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00020 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT,${objectId}|TSG_SECURITY_SOURCE_ADDR isValid=${1} appObjectIdArray=5 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable zxcvbnm
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com

290
01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot
View File

@@ -1,290 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Deny-SSL-00001
[Tags] selfserver deny ssl ip+fqdn
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-SSL-00002
[Tags] selfserver ssl deny sni ip+fqdn右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-SSL-00003
[Tags] selfserver deny ssl sni ip+Cat完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-SSL-00004
[Tags] selfserver ssl deny ip+fqdn右匹配 cn
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-SSL-00005
[Tags] deny selfserver cn ssl ip+cat完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-SSL-00006
[Tags] selfserver ssl deny san ip+fqdn右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-SSL-00007
[Tags] selfserver deny san ssl ip+cat完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-SSL-00008
[Tags] selfserver deny ssl 最大组合 ip+cat+fqdn
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_cat_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SAN,${object_fqdn_Id}|TSG_FIELD_SSL_SNI,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${object_cat_Id}|TSG_FIELD_SSL_SAN,${object_cat_Id}|TSG_FIELD_SSL_SNI,${object_cat_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-SSL-00009
[Tags] selfserver ssl deny san 多ip+fqdn右匹配
Comment 创建第二个源IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.18|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_SOURCE_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

168
01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot
View File

@@ -1,168 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Intercept-Http-00001
[Tags] Selfserver Intercept Ip Http
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-Http-00002
[Tags] Selfserver Intercept Http Ip+Cat右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat
... ELSE set variable curl http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员
... ELSE Create List 关闭播放器
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-Http-00003
[Tags] Selfserver Intercept Http Ip+Fqdn完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-Http-00004
[Tags] Selfserver Intercept Http 双协议
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2,3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-Http-00005
[Tags] Selfserver Intercept Http 修改
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*open.node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_cat_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_cat_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat
... ELSE set variable curl http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员
... ELSE Create List 关闭播放器
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

144
01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot
View File

@@ -1,144 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Intercept-SSL-00001
[Tags] Selfserver Intercept Ssl Ip
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable видео Tango Secure Gateway CA
... ELSE set variable рутуб Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-SSL-00002
[Tags] Selfserver Intercept Ssl Ip+Cat完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable Twitter Tango Secure Gateway CA
... ELSE set variable 新鲜事一网打尽 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-SSL-00003
[Tags] Selfserver Intercept Ssl Ip+Fqdn右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable 字节跳动 Tango Secure Gateway CA
... ELSE set variable 字节跳动 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-SSL-00004
[Tags] Selfserver Intercept Ssl 修改
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_cat_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable 字节跳动 Tango Secure Gateway CA
... ELSE set variable 字节跳动 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_cat_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable Twitter Tango Secure Gateway CA
... ELSE set variable 新鲜事一网打尽 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

200
01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_keyring_Tests.robot
View File

@@ -1,200 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Library Custometest
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/keyringobj
${keyringId} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Intercept-SSL-00001
[Tags] ip root selfserver
Comment 创建证书
${response} CreatePolicyMutipartFile ${url} keyrings/root/ mesalab-ca-cert.pem mesalab-ca-key.pem
${keyringId} Get From Dictionary ${response} keyringId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable видео mesalab-ca
... ELSE set variable рутуб mesalab-ca
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-SSL-00002
[Tags] root selfserver ip+cat
Comment 创建证书
${response} CreatePolicyMutipartFile ${url} keyrings/root/ tango-ca-root-01-cer.pem tango-ca-root-01-key.pem
${keyringId} Get From Dictionary ${response} keyringId
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable Twitter tango-ca-root
... ELSE set variable Twitter tango-ca-root
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-SSL-00003
[Tags] root ip+fqdn selfserver
Comment 创建证书
${response} CreatePolicyMutipartFile ${url} keyrings/root/ tango-ca-trust-ca-cer.pem tango-ca-trust-ca-key.pem
${keyringId} Get From Dictionary ${response} keyringId
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable 字节跳动 Tango National Proxy CA
... ELSE set variable 字节跳动 Tango National Proxy CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-SSL-00004
[Tags] Selfserver ip intermediate
Comment 创建证书
${response} CreatePolicyMutipartFile ${url} keyrings/intermediate/ tang-ca-v3-intermediate-01-cer.pem tang-ca-v3-intermediate-01-key.pem {"isValid":1,"opAction":"add","returnData":1,"keyringName":"test1","keyringType":"intermediate","reissueExpiryHour":0,"crl":"null","publicKeyAlgo":"rsa1024","keyringId":null,"includeRoot":0}
${keyringId} Get From Dictionary ${response} keyringId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable видео tang-ca-v3-intermediate-01
... ELSE set variable рутуб tang-ca-v3-intermediate-01
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-SSL-00005
[Tags] selfserver ip+cat intermediate
Comment 创建证书
${response} CreatePolicyMutipartFile ${url} keyrings/intermediate/ tang-ca-v3-intermediate-02-cer.pem tang-ca-v3-intermediate-02-key.pem {"isValid":1,"opAction":"add","returnData":1,"keyringName":"test2","keyringType":"intermediate","reissueExpiryHour":0,"crl":"null","publicKeyAlgo":"rsa1024","keyringId":null,"includeRoot":0}
${keyringId} Get From Dictionary ${response} keyringId
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable tang-ca-v3-intermediate-02 Twitter
... ELSE set variable Twitter tang-ca-v3-intermediate-02
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-SSL-00006
[Tags] ip+fqdn selfserver end-entity
Comment 创建证书
${response} CreatePolicyMutipartFile ${url} keyrings/end-entity/ tang-ca-v3-www.amazon.cn-cer.pem tang-ca-v3-www.amazon.cn-key.pem {"isValid":1,"opAction":"add","returnData":1,"keyringName":"test3","keyringType":"end-entity","reissueExpiryHour":0,"crl":"null","publicKeyAlgo":"rsa1024","keyringId":null,"includeRoot":0}
${keyringId} Get From Dictionary ${response} keyringId
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable 字节跳动 Tango Secure Gateway CA
... ELSE set variable 字节跳动 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-SSL-00007
[Tags] Selfserver ip end-entity
Comment 创建证书
${response} CreatePolicyMutipartFile ${url} keyrings/end-entity/ tang-ca-v3-www.bing.com-cer.pem tang-ca-v3-www.bing.com-key.pem {"isValid":1,"opAction":"add","returnData":1,"keyringName":"test4","keyringType":"end-entity","reissueExpiryHour":0,"crl":"null","publicKeyAlgo":"rsa1024","keyringId":null,"includeRoot":0}
${keyringId} Get From Dictionary ${response} keyringId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable видео Tango Secure Gateway CA
... ELSE set variable рутуб Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

64
01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_DNS_Tests.robot
View File

@@ -1,64 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Monitor-DNS-00001
[Tags] Selfserver Monitor Dns Ip+Fqdn右匹配
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*yhd.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=Monitor effectiveRange= userRegion={"protocol": "DNS"} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.yhd.com
... ELSE set variable nslookup -d www.yhd.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name = www.yhd.com
... ELSE Create List canonical name = www.yhd.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname yhd.com
SecurityPolicy-Monitor-DNS-00002
[Tags] Selfserver Monitor Dns Ip+Cat完整匹配
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.toutiao.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"DNS"} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.toutiao.com
... ELSE set variable nslookup -d www.toutiao.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name = www.toutiao.com
... ELSE Create List canonical name = www.toutiao.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname toutiao.com

102
01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot
View File

@@ -1,102 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Library Custometest
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Monitor-Ftp-00001
[Tags] selfserver monitor account字串匹配 ftp
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
SecurityPolicy-Monitor-Ftp-00002
[Tags] selfserver ftp monitor account右匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
SecurityPolicy-Monitor-Ftp-00003
[Tags] selfserver ftp account完整匹配 monitor
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$ftp_user
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
SecurityPolicy-Monitor-Ftp-00004
[Tags] selfserver ftp monitor account左匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_u*
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user

763
01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot
View File

@@ -1,763 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Monitor-Http-00001
[Tags] Selfserver Monitor Ip Http
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
... ELSE Create List 酒店式公寓
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00002
[Tags] Selfserver Monitor Http Ip+Fqdn右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat
... ELSE set variable curl http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员
... ELSE Create List 关闭播放器
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00003
[Tags] Selfserver Monitor Http Ip+Cat完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00004
[Tags] Selfserver Monitor Http Ip+Url字串匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node.com
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00005
[Tags] Selfserver Monitor Http Ip+Url右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*youtube.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat
... ELSE set variable curl \ http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员
... ELSE Create List 关闭播放器
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00006
[Tags] Selfserver Monitor Http Ip+Url完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00007
[Tags] Selfserver Monitor Http Ip+Url左匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open*
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00008
[Tags] Selfserver Monitor Http Ip+请求头字串匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00008 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00009
[Tags] Selfserver Monitor Http Ip+请求头右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00009 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00010
[Tags] Selfserver Monitor Http Ip+请求头完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00010 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00011
[Tags] Selfserver Monitor Http Ip+请求头左匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00011 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求
... ELSE Create List 发送POST请求
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00012
[Tags] Selfserver Monitor Http Ip+Cookie子串匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${object_CK_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00012 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat
... ELSE set variable curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00013
[Tags] Selfserver Monitor Http Ip+应答头字串匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=utf-8|Content-Type
${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00013 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00014
[Tags] Selfserver Monitor Http Ip+应答头右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type
${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00014 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat
... ELSE set variable curl \ http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员
... ELSE Create List 关闭播放器
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00015
[Tags] Selfserver Monitor Http Ip+应答头完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type
${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00015 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00016
[Tags] Selfserver Monitor Http Ip+应答头左匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type
${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00016 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List switch=kazakh
... ELSE Create List ақстан Республ
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00017
[Tags] Selfserver Monitor Http Ip+Set-Cookie字串匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=4567|Set-Cookie
${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00017 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List test
... ELSE Create List test
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00018
[Tags] Selfserver Monitor Http Ip+Set-Cookie右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*5678|Set-Cookie
${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00018 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List test
... ELSE Create List test
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00019
[Tags] Selfserver Monitor Http Ip+Set-Cookie完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00019 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List test
... ELSE Create List test
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00020
[Tags] Selfserver Monitor Http Ip+Set-Cookie左匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=1234*|Set-Cookie
${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00020 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List test
... ELSE Create List test
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00021
[Tags] Selfserver Monitor Http Ip+请求体
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test
${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00021 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List test
... ELSE Create List test
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00022
[Tags] Selfserver Monitor Http Ip+应答体
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық
${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00022 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00023
[Tags] selfserver ip+请求体and关系
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=ctes&t123
${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00023 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0024.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Response Body
... ELSE Create List Response Body
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00024
[Tags] selfserver ip+请求体或关系
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test,qazx
${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00024 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0024.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Response Body
... ELSE Create List Response Body
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00025
[Tags] selfserver ip+应答体and关系
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық&жайлы
${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00025 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-Http-00026
[Tags] selfserver ip+应答体或关系
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық,1234
${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00026 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
... ELSE Create List nationalbank
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

628
01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_MAIL_Tests.robot
View File

@@ -1,628 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
Library Custometest
Resource ../../../../02-Keyword/tsg_common/StmpHandle.robot
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Monitor-Mail-00001
[Tags] Selfserver Subject右匹配 Mail Monitor
Comment 创建Subject
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*test
${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Subject_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 123test
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00002
[Tags] Selfserver Mali Subject完整匹配 Monitor
Comment 创建Subject
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=$你好明天
${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Subject_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 你好明天
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00003
[Tags] Selfserver Mali Subject字串匹配 Monitor
Comment 创建Subject
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо
${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Subject_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable Простопорно
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00004
[Tags] Selfserver Subject左匹配 Mail Monitor
Comment 创建Subject
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=zxcv*
${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Subject_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable zxcvbnm
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00005
[Tags] Selfserver Content字串匹配 Mail Monitor
Comment 创建Content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо
${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 123123132
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable Простопорно
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00006
[Tags] Selfserver ATT_CONT字串匹配 Monitor Mail
Comment 创建ATT_CONT
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо
${rescode} ${object_ATT_CONT_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_ATT_CONT_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable Простопорно
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00007
[Tags] Selfserver Mali From右匹配 Monitor
Comment 创建From
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com
${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_From_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 123test
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00008
[Tags] Selfserver From完整匹配 Monitor Mail
Comment 创建From
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com
${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_From_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00008 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 你好明天
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00009
[Tags] Selfserver From字串匹配 Mail Monitor
Comment 创建From
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=tsgmail
${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_From_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00009 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable Простопорно
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00010
[Tags] Selfserver From左匹配 Mail Monitor
Comment 创建From
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwct*
${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_From_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00010 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable zxcvbnm
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00011
[Tags] Selfserver To右匹配 Mail Monitor
Comment 创建To
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com
${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_To_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 123test
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00012
[Tags] Selfserver To完整匹配 Monitor Mail
Comment 创建To
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$zmmtest@mail.tsgmail.com
${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_To_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00012 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 你好明天
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00013
[Tags] Selfserver To字串匹配 Monitor Mail
Comment 创建To
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmtes
${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_To_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable Простопорно
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["tsgtest@mail.tsgmail.com"]
${密送者} Set Variable ["yyqtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00014
[Tags] Selfserver To左匹配 Mail Monitor
Comment 创建To
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmt*
${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_To_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable zxcvbnm
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00015
[Tags] Selfserver Account右匹配 Mail monitor
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*ail.com
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 123test
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00016
[Tags] Selfserver Account完整匹配 Mail Monitor
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable 你好明天
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00017
[Tags] Selfserver Account字串匹配 Monitor Mail
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwcte
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00017 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable Простопорно
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com
SecurityPolicy-Monitor-Mail-00018
[Tags] Selfserver Account左匹配 Monitor Mail
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwctest*
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-monitor-Mail-00018 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable jwctest@mail.tsgmail.com
${邮箱密码} Set Variable jwctest
${邮件主题} Set Variable zxcvbnm
${发送者} Set Variable jwctest@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["zmmtest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明content
${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
Log ${发送邮件返回结果}
should contain ${发送邮件返回结果} mail_success
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com

213
01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_SSL_Tests.robot
View File

@@ -1,213 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Monitor-SSL-00001
[Tags] Selfserver Monitor Ip Ssl
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List видео
... ELSE Create List рутуб
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-SSL-00002
[Tags] Selfserver Monitor Ssl Sni Ip+Fqdn右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Twitter
... ELSE Create List 新鲜事一网打尽
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-SSL-00003
[Tags] Selfserver Monitor Ssl Ip+Cat完整匹配 Sni
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动
... ELSE Create List 字节跳动
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-SSL-00004
[Tags] Selfserver SSL Monitor Cn Ip+Fqdn右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Twitter
... ELSE Create List 新鲜事一网打尽
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-SSL-00005
[Tags] Selfserver Monitor Ssl Ip+Cat完整匹配 Cn
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动
... ELSE Create List 字节跳动
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-SSL-00006
[Tags] Selfserver Monitor Ssl San Ip+Fqdn右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Twitter
... ELSE Create List 新鲜事一网打尽
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Monitor-SSL-00007
[Tags] Selfserver Monitor Ssl Ip+Cat完整匹配 San
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动
... ELSE Create List 字节跳动
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com

133
01-TestCase/tsg_adc/selfserver/SelfServerDenyAllTests.robot
View File

@@ -1,133 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc tsg_security all_protol
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/PolicyObjectDefault.txt
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Library Custometest
Library json
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/responsepages
${profiledId} ${EMPTY}
*** Test Cases ***
SelfServerSecurityPolicy-Deny-AllProtol-00001
[Tags] securitypolciy deny allprotol selfserver
${caseName} set variable SelfServerSecurityPolicy-Deny-AllProtol-00001
# 创建对象-IP
# addItemList全参数为方便说明将参数值拆分为几部分其实际值为单条无空格/回车字符串,每部分内代表的各参数不可跳跃。)
# [addrType]|[protocol]|[direction]|[isSession]# 第一部分(可省略)
# [clientIpFormat]|[clientIp1]|[clientIp2]|[clientPort1/clientPort2]& 第二部分(不可省略)
# [serverIpFormat]|[serverIp1]|[serverIp2]|[serverPort1/serverPort2]| 第三部分(可省略)
# [isInitialize]|[itemName]|[itemDesc], 第四部分(可省略)
# ...
Comment 创建目标IP
${objectDict} Create Dictionary
... objectType=ip
... isValid=${Default_IsValid}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_IPobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc}
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建安全策略针对所有协议相当于BlackIP
${policyDict} Create Dictionary
... policyName=${caseName}_IPobject
... policyType=${tsg_security}
... policyDesc=${Default_PolicyDesc}
... action=deny
... effectiveRange=${Default_EffectiveRange}
... userRegion={"method":"rst"}
... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR
... isValid=${Default_IsValid}
... appObjectIdArray=${Default_AppObjectIdArray}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
#默认客户端条件类型clientip or clientsubid ${Default_Client_Type}
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${s} Convert to String ${policyId}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-AllProtol-00001_HTTP.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 功能端验证SSL验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-AllProtol-00001_SSL.bat
... ELSE set variable curl -kv https://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
#OpenSSL SSL_connect: Connection was reset in connection to
#Send failure: Connection was reset
... ELSE Create List OpenSSL SSL_connect: Connection reset by peer in connection to
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com
Comment 功能端验证DNS验证
Comment 功能端验证MAIL验证
${starttime} Get Time
#${mail} EmailLogin mail.tsgmail.com 25 dongxiaoyan@mail.tsgmail.com dxy123
${starttime} Get Time
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable dongxiaoyan@mail.tsgmail.com
${邮箱密码} Set Variable dxy123
${邮件主题} Set Variable что- иностранныеsuject
${发送者} Set Variable dongxiaoyan@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["jwctest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["lyftest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明contentчто-иностранныеsuject
${mail} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
should contain ${mail} mail_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_protocol_type SMTP
Comment 功能端验证FTP验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${ftpLogin} FTP_login ftp://192.168.100.5:21 -u"ftp_user:qazXSW@edc" test.txt
should contain ${ftpLogin} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ''
#{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"rst"},"referenceObject":[{"objectId":6926,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":6943,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]}],"isValid":0,"scheduleId":[],"appObjectIdArray":[2,3,4,5,6]}}

137
01-TestCase/tsg_adc/test_demo/AllFlowDemo.robot
View File

@@ -1,137 +0,0 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Demo
Library OperatingSystem
Library json
Library Collections
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Keywords ***
create-object-policy
[Arguments] @{flag}
#创建对象
${rescode} ${objectId} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"SecurityPolicy-HTTPS-Intecept-Demo001dxytest_fqdn_baidu", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"SecurityPolicy-HTTPS-Intecept-Demo001dxytest_fqdn_baidu", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*baidu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${objectId}
${objectids} set Variable ${objectId}
#创建策略
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-SSL-Intecept-Demo001","policyType":"tsg_security","action":"intercept","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${objectId},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-SSL-Intecept-Demo001","policyType":"tsg_security","action":"intercept","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":0},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${objectId},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${rescode} ${policyId} AddPolicy ${addPolicyStr}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
log ${rescode}
log ${policyId}
# 区分执行方式
${value} Run Keyword If ${flag}==[] insert_policyId_to_file SecurityPolicy-SSL-Intecept-Demo001 ${policyId} ${objectids}
... ELSE Create Dictionary policyId=${policyId} objectId=${objectids}
Set Test Variable ${dict} ${value}
function-test
# 功能端验证
@{stringlist} set variable CN=Tango Secure Gateway CA Content-Type: text/html value=百度一下
${starttime} Get Time
log ${curlbatpath}/SecurityPolicy-SSL-Intecept-Demo001.bat
Sleep ${policyVerificationSleepSeconds}s
${commandreturn} OperatingSystem.Run ${curlbatpath}/SecurityPolicy-SSL-Intecept-Demo001.bat
FOR ${var} IN @{stringlist}
log ${var}
Should Contain ${commandreturn} ${var}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
# 区分执行方式
Run Keyword If ${dict}==${None} insert_time_to_file SecurityPolicy-SSL-Intecept-Demo001 ${starttime} ${endtime}
... ELSE Run Keyword Set To Dictionary ${dict} starttime=${starttime} endtime=${endtime}
log-test
# 日志验证
${obj} Run Keyword If ${dict}==${None} json.Loads ${SecurityPolicy-SSL-Intecept-Demo001}
... ELSE Set Variable ${dict}
${policyId} Set Variable ${obj}[policyId]
${s} Convert to String ${policyId}
GetLogList security_event_log ${obj}[starttime] ${obj}[endtime] ${testClentIP} ${s} ssl_sni baidu.com
# 清理测试数据
#${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
# DeletePolicyAndObject ${policyIds} ${obj}[objectId]
*** Test Cases ***
SecurityPolicy-DNS-Deny-Redrict-Demo001
[Tags] SecurityPolciy DNS DENY Redirect
#登录 放到setup
#Login
#创建对象fqdn
${rescode} ${objectId} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"SecurityPolicy-DNS-Deny-Redrict-Demo001dxytest_fqdn_jd", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"dxytest_fqdn_jd", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
log ${objectId}
${objectids} set Variable ${objectId}
#多个id拼接
#${objectids} Catenate SEPARATOR=, ${objectids} ${objectId}
#${objectids} set Variable ${objectId}
#Catenate SEPARATOR=,
#添加策略
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":[{"policyId":"","policyName":"SecurityPolicy-DNS-Deny-Redrict-Demo001","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.autotest1A.com","ttl":{"min":30,"max":30}},{"atype":"A","value":"1.1.1.1","ttl":{"min":30,"max":30}}]},{"qtype":"AAAA","answer":[{"atype":"CNAME","value":"www.autotest4A.com","ttl":{"min":40,"max":40}},{"atype":"AAAA","value":"f::a","ttl":{"min":40,"max":40}}]}]},"referenceObject":[{"objectId":112,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${objectId},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[4]}]}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":[{"policyId":"","policyName":"SecurityPolicy-DNS-Deny-Redrict-Demo001","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.autotest1A.com","ttl":{"min":30,"max":30}},{"atype":"A","value":"1.1.1.1","ttl":{"min":30,"max":30}}]},{"qtype":"AAAA","answer":[{"atype":"CNAME","value":"www.autotest4A.com","ttl":{"min":40,"max":40}},{"atype":"AAAA","value":"f::a","ttl":{"min":40,"max":40}}]}]},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${objectId},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[4]}]}
${rescode} ${policyId} AddPolicy ${addPolicyStr}
log ${policyId}
#Integer ${rescode} 200
#目前只有一个所以无拼接
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
#注意如果时多个policyId或者多个ObjectID需要拼接成,号分割的串,或者拼在下面即可
#功能端验证
${commandstr} set variable nslookup -d www.jd.com
@{stringlist} set variable canonical name = www.autotest1A.com ttl = 30 (30 secs) internet address = 1.1.1.1 canonical name = www.autotest4A.com ttl = 40 (40 secs) AAAA IPv6 address = f::a
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
log ${rescode}
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.jd.com
SecurityPolicy-SSL-Intecept-Demo001
[Tags] SecurityPolciy SSL Intercept HTTPS
Run Keyword If '${testPart}'=='all' Run Keywords create-object-policy True
... AND function-test
... AND log-test
... ELSE IF ${testPart}==1 Run Keyword create-object-policy
... ELSE IF ${testPart}==2 Run Keyword function-test
... ELSE IF ${testPart}==3 Run Keyword log-test
SecurityPolicy-SSL-Intecept-Demo002
[Tags] SecurityPolciy SSL Intercept HTTPS HTTP-SSL
#因为只选择app协议时要求选择IP所有如果测试机IP不是默认对象时需要添加测试机ip作为条件
${localIP} set variable {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","objectSubType":"endpoint","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"autotestLocalIPObject_SecurityPolicy-SSL-Intecept-Demo002","objectDesc":"LocalIPObject_SecurityPolicy-SSL-Intecept-Demo002自动化测试机IP","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"isSession":"endpoint","clientIp1":"${testClentIP}","clientIp2":"${testClentIP}","clientIpFormat":"range","clientPortFormat":"range","clientPort1":0,"clientPort2":0,"serverIpFormat":"range","serverIp1":"","serverIp2":"","serverPortFormat":"range","serverPort1":0,"serverPort2":0}],"updateItemList":[],"deleteItemIds":[]}}
${rescodeip} ${objidip} AddObject ${localIP}
${objectids} set Variable ${objidip}
#创建策略
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-SSL-Intecept-Demo002","policyType":"tsg_security","action":"intercept","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"protocol_errors":1,"cert_pinning":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${objidip},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2,3]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-SSL-Intecept-Demo002","policyType":"tsg_security","action":"intercept","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"protocol_errors":1,"cert_pinning":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2,3]}}
${rescode} ${policyId} AddPolicy ${addPolicyStr}
#功能端验证
# 区分执行方式
@{stringlist} set variable CN=Tango Secure Gateway CA Content-Type: text/html value=百度一下
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${commandreturn} OperatingSystem.Run ${curlbatpath}/SecurityPolicy-SSL-Intecept-Demo001.bat
FOR ${var} IN @{stringlist}
log ${var}
Should Contain ${commandreturn} ${var}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
# 区分执行方式
# 日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${obj}[starttime] ${obj}[endtime] ${testClentIP} ${s} ssl_sni baidu.com
# 清理测试数据
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}

0
01-TestCase/tsg_bfapi/Settings/.gitkeep
View File

0
01-TestCase/tsg_bfapi/active_defence_event_log/.gitkeep
View File

362
01-TestCase/tsg_bfapi/active_defence_event_log/Log-count.robot
View File

@@ -1,362 +0,0 @@
*** Settings ***
Force Tags api api-log api-log-active_defence_event_log api-log-active_defence_event_log-count
Resource ../../../02-Keyword/tsg_bfapi/Log_keyword.robot
Resource ../../../02-Keyword/tsg_bfapi/Common.robot
Library OperatingSystem
Library Selenium2Library
Library RequestsLibrary
Library Collections
Library string
Library REST http://${host}:${port}/${version}
Library json
*** Test Cases ***
CountLog-001
${condition} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"sub", "value":["22"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-002
${condition} Set Variable []
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-003
${condition} Set Variable {"field":"common_log_id","type":"long","symbol":"=","value":["59526984506148866"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-004
${condition} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":"=", "value":["2020-04-27 12:48:33"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-005
${condition} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"=", "value":["774"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-006
${condition} Set Variable { "field":"ad_cc_target_url", "type":"string", "symbol":"sub", "value":["www.jianshu.com"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-007
${condition} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"exactly", "value":["10.3.22.222"] },{"field":"common_log_id","type":"long","symbol":"=","value":["59526984506148866"] },{ "field":"common_recv_time", "type":"timestamp", "symbol":"=", "value":["2020-04-27 13:27:02"] },{ "field":"common_policy_id", "type":"int", "symbol":"=", "value":["95"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","condaiapi-logaa tions":[${condition}]}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-008
${condition} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"prefix", "value":["10"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-009
${condition} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"suffix", "value":["222"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-010
${condition} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"exactly", "value":["10.3.22.222"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-011
${condition} Set Variable { "field":"ad_target_ip", "type":"string", "value":["10"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-012
${condition} Set Variable { "field":"ad_target_ip", "type":"string", "value":["10"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-013
${condition} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"!=", "value":["774"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-014
${condition} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"!=", "value":["774"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-015
${condition} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"<", "value":["774"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-016
${condition} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"<=", "value":["774"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-017
${condition} Set Variable { "field":"common_policy_id", "type":"int", "symbol":">=", "value":["774"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-018
${condition} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"in", "value":["774","95"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-019
${condition} Set Variable { "field":"common_recv_time", "type":"timestamp", "value":["2020-04-27 12:48:33"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-020
${condition} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":">", "value":["2020-04-27 12:48:33"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-021
${condition} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":"<", "value":["2020-04-27 12:48:33"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-022
${condition} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":"<=", "value":["2020-04-27 12:48:33"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-023
${condition} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":">=", "value":["2020-04-27 12:48:33"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-024
${condition} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":"between", "value":["2020-04-27 12:48:33","2020-04-27 13:27:03"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]
CountLog-025
${condition} Set Variable { "field":"common_recv_time", "type":"timestamp", "value":["2020-04-27 12:48:33","2020-04-27 13:27:03"] }
${pageSize} Set Variable 30
${pageNo} Set Variable 1
${starttime} Set Variable 2020-04-26 12:27:03
${endtime} Set Variable 2020-04-27 13:27:03
${logname} Set Variable active_defence_event_log
${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition}}
${url} Set Variable log/count
${response} Post-Request ${url} ${logCondition}
${responsejson} Evaluate type($response)
Should Be Equal As Strings ${response}[code] 200
log ${response}[data][total]

285
01-TestCase/tsg_bfapi/active_defence_event_log/Log_batch.robot
View File

@@ -1,285 +0,0 @@
*** Settings ***
Force Tags api api-log api-log-active_defence_event_log api-log-active_defence_event_log-batch
Library downloadexcel.py
Resource ../../../02-Keyword/tsg_bfapi/Log_keyword.robot
*** Variables ***
@{logType} security_event_log proxy_event_log connection_record_log radius_record_log
*** Test Cases ***
ExportLog-001
${conditions} Set Variable {"field":"common_log_id","type":"long","symbol":"=","value":["59526984506148866"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-002
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":"=", "value":["2020-04-27 12:48:33"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-003
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"=", "value":["774"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-004
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"=", "value":["774"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-005
${conditions} Set Variable { "field":"ad_cc_target_url", "type":"string", "symbol":"sub", "value":["www.jianshu.com"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-006
${conditions} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"sub", "value":["22"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-007
${conditions} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"exactly", "value":["10.3.22.222"] },{"field":"common_log_id","type":"long","symbol":"=","value":["59526984506148866"] },{ "field":"common_recv_time", "type":"timestamp", "symbol":"=", "value":["2020-04-27 13:27:02"] },{ "field":"common_policy_id", "type":"int", "symbol":"=", "value":["95"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... [${conditions}]
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-008
${conditions} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"prefix", "value":["10"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-009
${conditions} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"suffix", "value":["222"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-010
${conditions} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"exactly", "value":["10.3.22.222"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-011
${conditions} Set Variable { "field":"ad_target_ip", "type":"string", "value":["10"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-012
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "value":["774"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-013
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"!=", "value":["774"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-014
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":">", "value":["774"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-015
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"<", "value":["774"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-016
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"<=", "value":["774"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-017
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":">=", "value":["774"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-018
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"in", "value":["774","95"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-019
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "value":["2020-04-27 12:48:33"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-020
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":">", "value":["2020-04-27 12:48:33"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-021
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":"<", "value":["2020-04-27 12:48:33"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-022
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":"<=", "value":["2020-04-27 12:48:33"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-023
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":">=", "value":["2020-04-27 12:48:33"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-024
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":"between", "value":["2020-04-27 12:48:33","2020-04-27 13:27:03"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
ExportLog-025
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "value":["2020-04-27 12:48:33","2020-04-27 13:27:03"] }
${logname} Set Variable active_defence_event_log
${logCondition} GetLogCondition ${logname} 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
log ${logCondition}
${header} Create Dictionary Content-Type=application/json Authorization=${token}
${success} downloadexcel ${header} ${logCondition} http://${host}:${port}/${version}/log/batch
log ${success}
Should Be Equal ${success} ${200} active_defence_event_log\ test query export failed
*** Keywords ***

310
01-TestCase/tsg_bfapi/active_defence_event_log/Log_search.robot
View File

@@ -1,310 +0,0 @@
*** Settings ***
Force Tags api api-log api-log-active_defence_event_log api-log-active_defence_event_log-search
Library OperatingSystem
Library Selenium2Library
Library RequestsLibrary
Library Collections
Resource ../../../02-Keyword/tsg_bfapi/Log_schema.robot
Resource ../../../02-Keyword/tsg_bfapi/Log_search.robot
Library string
Library REST http://${host}:${port}/${version}
Resource ../../../02-Keyword/tsg_bfapi/Log_keyword.robot
*** Test Cases ***
log-schema-001
${filds} schema
log ${filds}
log-search-002
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} []
log ${response}
Should Be Equal As Strings ${response.code} 200
log-search-003
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable {"field":"common_log_id","type":"long","symbol":"=","value":["59526984506148866"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} [${conditions}]
log ${response}
Should Be Equal As Strings ${response.code} 200
${responsedata} Get From Dictionary ${response} data
log ${responsedata}
${responselist} Get From Dictionary ${responsedata} list
${logid} Set Variable ${responselist}[0][common_log_id]
Should Be Equal As Strings ${logid} 59526984506148866
log-search-004
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":"=", "value":["2020-04-27 12:48:33"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} [${conditions}]
log ${response}
Should Be Equal As Strings ${response.code} 200
${responsedata} Get From Dictionary ${response} data
log ${responsedata}
${responselist} Get From Dictionary ${responsedata} list
${time} Set Variable ${responselist}[0][common_recv_time]
Should Be Equal As Strings ${time} 2020-04-27 12:48:33
log-search-005
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"=", "value":["774"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} ${conditions}
log ${response}
Should Be Equal As Strings ${response.code} 200
${responsedata} Get From Dictionary ${response} data
log ${responsedata}
${responselist} Get From Dictionary ${responsedata} list
${policyid} Set Variable ${responselist}[0][common_policy_id]
Should Be Equal As Strings ${policyid} 774
log-search-006
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"ad_cc_target_url", "type":"string", "symbol":"sub", "value":["www.jianshu.com"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} ${conditions}
log ${response}
Should Be Equal As Strings ${response.code} 200
${responsedata} Get From Dictionary ${response} data
log ${responsedata}
${responselist} Get From Dictionary ${responsedata} list
log ${responselist}
should be empty ${responselist}
log-search-007
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"sub", "value":["22"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} ${conditions}
log ${response}
Should Be Equal As Strings ${response.code} 200
${responsedata} Get From Dictionary ${response} data
log ${responsedata}
${responselist} Get From Dictionary ${responsedata} list
${ip} Set Variable ${responselist}[0][ad_target_ip]
should contain ${ip} 22
log-search-008
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"prefix", "value":["10"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} ${conditions}
log ${response}
Should Be Equal As Strings ${response.code} 200
${responsedata} Get From Dictionary ${response} data
log ${responsedata}
${responselist} Get From Dictionary ${responsedata} list
${ip} Set Variable ${responselist}[0][ad_target_ip]
should contain ${ip} 10
log-search-009
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"suffix", "value":["222"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} ${conditions}
log ${response}
Should Be Equal As Strings ${response.code} 200
${responsedata} Get From Dictionary ${response} data
log ${responsedata}
${responselist} Get From Dictionary ${responsedata} list
${ip} Set Variable ${responselist}[0][ad_target_ip]
should contain ${ip} 222
log-search-010
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"exactly", "value":["10.3.22.222"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} ${conditions}
log ${response}
Should Be Equal As Strings ${response.code} 200
${responsedata} Get From Dictionary ${response} data
log ${responsedata}
${responselist} Get From Dictionary ${responsedata} list
${ip} Set Variable ${responselist}[0][ad_target_ip]
Should Be Equal As Strings ${ip} 10.3.22.222
log-search-011
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"ad_target_ip", "type":"string", "symbol":"exactly", "value":["10.3.22.222"] },{"field":"common_log_id","type":"long","symbol":"=","value":["59526984506148866"] },{ "field":"common_recv_time", "type":"timestamp", "symbol":"=", "value":["2020-04-27 13:27:02"] },{ "field":"common_policy_id", "type":"int", "symbol":"=", "value":["95"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} [${conditions}]
log ${response}
Should Be Equal As Strings ${response.code} 200
${responsedata} Get From Dictionary ${response} data
log ${responsedata}
${responselist} Get From Dictionary ${responsedata} list
${ip} Set Variable ${responselist}[0][ad_target_ip]
Should Be Equal As Strings ${ip} 10.3.22.222
${time} Set Variable ${responselist}[0][common_recv_time]
Should Be Equal As Strings ${time} 2020-04-27 13:27:02
${logid} Set Variable ${responselist}[0][common_log_id]
Should Be Equal As Strings ${logid} 59526984506148866
${policyid} Set Variable ${responselist}[0][common_policy_id]
Should Be Equal As Strings ${policyid} 95
log-search-012
${conditions} Set Variable {"field":"common_log_id","type":"long","symbol":"=","value":["59526984506148866"] }
${simpleCondition} Set Variable "common_server_ips": "40"
${logCondition} GetLogCondition active_defence_event_log 2020-04-26 12:27:03 2020-04-27 13:27:03 30 1
... ${conditions}
${response} BasePostRequest v1/log/list ${logCondition}
Should Be Equal As Strings ${response.code} 200
${responsedata} Get From Dictionary ${response} data
log ${responsedata}
${responselist} Get From Dictionary ${responsedata} list
${logid} Set Variable ${responselist}[0][common_log_id]
Should Be Equal As Strings ${logid} 59526984506148866
log-search-013
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "value":["774"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} ${conditions}
log ${response}
Should Be Equal As Strings ${response.code} 200
${responsedata} Get From Dictionary ${response} data
log ${responsedata}
${responselist} Get From Dictionary ${responsedata} list
${policyid} Set Variable ${responselist}[0][common_policy_id]
Should Be Equal As Strings ${policyid} 774
log-search-014
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"!=", "value":["774"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} ${conditions}
log ${response}
Should Be Equal As Strings ${response.code} 200
log-search-015
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":">", "value":["774"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} ${conditions}
log ${response}
Should Be Equal As Strings ${response.code} 200
log-search-016
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"<", "value":["774"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} ${conditions}
log ${response}
Should Be Equal As Strings ${response.code} 200
log-search-017
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"<=", "value":["774"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} ${conditions}
log ${response}
Should Be Equal As Strings ${response.code} 200
log-search-018
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":">=", "value":["774"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} ${conditions}
log ${response}
Should Be Equal As Strings ${response.code} 200
log-search-019
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_policy_id", "type":"int", "symbol":"in", "value":["774","95"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} ${conditions}
log ${response}
Should Be Equal As Strings ${response.code} 200
log-search-020
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "value":["2020-04-27 12:48:33"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} [${conditions}]
log ${response}
Should Be Equal As Strings ${response.code} 200
${responsedata} Get From Dictionary ${response} data
log ${responsedata}
${responselist} Get From Dictionary ${responsedata} list
${time} Set Variable ${responselist}[0][common_recv_time]
Should Be Equal As Strings ${time} 2020-04-27 12:48:33
log-search-021
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":">", "value":["2020-04-27 12:48:33"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} [${conditions}]
log ${response}
Should Be Equal As Strings ${response.code} 200
log-search-022
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":"<", "value":["2020-04-27 12:48:33"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} [${conditions}]
log ${response}
Should Be Equal As Strings ${response.code} 200
log-search-023
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":"<=", "value":["2020-04-27 12:48:33"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} [${conditions}]
log ${response}
Should Be Equal As Strings ${response.code} 200
${responsedata} Get From Dictionary ${response} data
log ${responsedata}
${responselist} Get From Dictionary ${responsedata} list
${time} Set Variable ${responselist}[0][common_recv_time]
Should Be Equal As Strings ${time} 2020-04-27 12:48:33
log-search-024
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":">=", "value":["2020-04-27 12:48:33"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} [${conditions}]
log ${response}
Should Be Equal As Strings ${response.code} 200
log-search-025
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "symbol":"between", "value":["2020-04-27 12:48:33","2020-04-27 13:27:03"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} [${conditions}]
log ${response}
Should Be Equal As Strings ${response.code} 200
log-search-026
#${filds} schema
${responsedata} Get-Request log/schema?logType=active_defence_event_log
${filds} Set Variable ${responsedata['data']['fields']}
${conditions} Set Variable { "field":"common_recv_time", "type":"timestamp", "value":["2020-04-27 12:48:33","2020-04-27 13:27:03"] }
${response} log_search 2020-04-26 12:27:03 2020-04-27 13:27:03 active_defence_event_log ${filds} [${conditions}]
log ${response}
Should Be Equal As Strings ${response.code} 200

BIN
01-TestCase/tsg_bfapi/active_defence_event_log/__pycache__/downloadexcel.cpython-36.pyc
View File

Binary file not shown.

BIN
01-TestCase/tsg_bfapi/active_defence_event_log/__pycache__/downloadexcel.cpython-37.pyc
View File

Binary file not shown.

14
01-TestCase/tsg_bfapi/active_defence_event_log/downloadexcel.py
View File

@@ -1,14 +0,0 @@
import requests
def downloadexcel(headers,data,url):
response = requests.post(url, headers=headers, data=data)
if response.status_code == 200:
with open("active_defence_event_log"+".xlsx", "wb") as code:
code.write(response.content)
return 200;
else:
print('导出失败'+response.content)
return 500;
if __name__ == '__main__':
downloadexcel(header,data,url)

105
01-TestCase/tsg_bfapi/api_log/LogStatistics-Country.robot
View File

@@ -1,105 +0,0 @@
*** Settings ***
Resource ../../../02-Keyword/tsg_bfapi/LogStatistics.robot
Library DateTime
*** Test Cases ***
Statistics-Country-00001
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable country
#请求地址 例如:/report/domain/recommend
${url} set variable /report/country/sourceipnum
#开始时间格式Y-M-D h:i:s
${startTime} set variable 2020-05-10 15:56:05
#结束时间格式Y-M-D h:i:s
${endTime} set variable 2020-05-25 15:56:35
#limit int型
${limit} set variable 50
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} limit=${limit}
Statistics-Country-00002
#最近一小时
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable country
#请求地址 例如:/report/domain/recommend
${url} set variable /report/country/sourceipnum
#开始时间
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -01:00:00
#limit int型
${limit} set variable 50
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} limit=${limit}
Statistics-Country-00003
#最近一天
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable country
#请求地址 例如:/report/domain/recommend
${url} set variable /report/country/sourceipnum
#开始时间
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
#结束时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -1 days
log ${endTime}
log ${startTime}
#limit int型
${limit} set variable 50
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} limit=${limit}
Statistics-Country-00004
#最近一周
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable country
#请求地址 例如:/report/domain/recommend
${url} set variable /report/country/sourceipnum
#开始时间
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
#结束时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -7 days
log ${endTime}
log ${startTime}
#limit int型
${limit} set variable 50
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} limit=${limit}
Statistics-Country-00005
#最近一个月30天
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable country
#请求地址 例如:/report/domain/recommend
${url} set variable /report/country/sourceipnum
#开始时间
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
#结束时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -30 days
log ${endTime}
log ${startTime}
#limit int型
${limit} set variable 50
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} limit=${limit}
Statistics-Country-00006
#最近一年365天
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable country
#请求地址 例如:/report/domain/recommend
${url} set variable /report/country/sourceipnum
#开始时间
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
#结束时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -365 days
log ${endTime}
log ${startTime}
#limit int型
${limit} set variable 50
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} limit=${limit}

12
01-TestCase/tsg_bfapi/api_log/LogStatistics-domain.robot
View File

@@ -1,12 +0,0 @@
*** Settings ***
Resource ../../../02-Keyword/tsg_bfapi/LogStatistics.robot
*** Test Cases ***
Statistics-domain-00001
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable domain
#请求地址 例如:/report/domain/recommend
${url} set variable /report/domain/recommend
# \ 统计时间, \ 查询最近24小时数据例如当前时间为2020-03-26 15:14:00, 查询时间应设为推前1小时的整点实际传入参数为 "2020-03-26 14:00:00"
${statisticTime} set variable 2020-05-10 15:56:05
GetApi ${apiName} ${url} statisticTime=${statisticTime}

19
01-TestCase/tsg_bfapi/api_log/LogStatistics-domain_resource.robot
View File

@@ -1,19 +0,0 @@
*** Settings ***
Library DateTime
Resource ../../../02-Keyword/tsg_bfapi/LogStatistics.robot
*** Test Cases ***
LogStatistics-domain_resource-00001
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable domain_resource
#请求地址 例如:/report/domain/recommend
${url} set variable /report/domain/resource/analyze
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime} -30 days
${startTime} Get Substring ${startTime} \ -4
${policyId} set variable 0
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} policy_id=${policyId}

102
01-TestCase/tsg_bfapi/api_log/LogStatistics-hijack_srcip_location.robot
View File

@@ -1,102 +0,0 @@
*** Settings ***
Resource ../../../02-Keyword/tsg_bfapi/LogStatistics.robot
Library DateTime
*** Test Cases ***
Statistics-hijack_srcip_location-00001
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable hijack_srcip_location
#请求地址 例如:/report/domain/recommend
${url} set variable /report/hijack_srcip_location
#开始时间格式Y-M-D h:i:s
${startTime} set variable 2020-04-26 16:40:01
#结束时间格式Y-M-D h:i:s
${endTime} set variable 2020-05-26 10:57:47
#策略ID
${policy_id} set variable 0
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} policy_id=${policy_id}
Statistics-hijack_srcip_location-00002
#最近一小时
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable hijack_srcip_location
#请求地址 例如:/report/domain/recommend
${url} set variable /report/hijack_srcip_location
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -01:00:00
${startTime} Get Substring ${startTime} \ -4
#策略ID
${policy_id} set variable 0
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} policy_id=${policy_id}
Statistics-hijack_srcip_location-00003
#最近一天
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable hijack_srcip_location
#请求地址 例如:/report/domain/recommend
${url} set variable /report/hijack_srcip_location
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#结束时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -1 days
${startTime} Get Substring ${startTime} \ -4
#策略ID
${policy_id} set variable 0
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} policy_id=${policy_id}
Statistics-hijack_srcip_location-00004
#最近一周
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable hijack_srcip_location
#请求地址 例如:/report/domain/recommend
${url} set variable /report/hijack_srcip_location
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -7 days
${startTime} Get Substring ${startTime} \ -4
#策略ID
${policy_id} set variable 0
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} policy_id=${policy_id}
Statistics-hijack_srcip_location-00005
#最近一个月30天
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable hijack_srcip_location
#请求地址 例如:/report/domain/recommend
${url} set variable /report/hijack_srcip_location
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -30 days
${startTime} Get Substring ${startTime} \ -4
#策略ID
${policy_id} set variable 0
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} policy_id=${policy_id}
Statistics-hijack_srcip_location-00006
#最近一年365天
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable hijack_srcip_location
#请求地址 例如:/report/domain/recommend
${url} set variable /report/hijack_srcip_location
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -365 days
${startTime} Get Substring ${startTime} \ -4
#策略ID
${policy_id} set variable 0
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} policy_id=${policy_id}

98
01-TestCase/tsg_bfapi/api_log/LogStatistics-hijack_srcip_num.robot
View File

@@ -1,98 +0,0 @@
*** Settings ***
Resource ../../../02-Keyword/tsg_bfapi/LogStatistics.robot
Library DateTime
*** Test Cases ***
LogStatistics-hijack_scrip_num-00001
#120未更新
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable hijack_srcip_num
#请求地址 例如:/report/domain/recommend
${url} set variable /report/hijack_srcip_num
#开始时间格式Y-M-D h:i:s
${startTime} set variable 2020-04-26 16:40:01
#结束时间格式Y-M-D h:i:s
${endTime} set variable 2020-05-26 10:57:47
#策略ID列表多个逗号分隔
${policy_ids} set variable 0
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} policy_ids=${policy_ids}
LogStatistics-hijack_scrip_num-00002
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable hijack_srcip_num
#请求地址 例如:/report/domain/recommend
${url} set variable /report/hijack_srcip_num
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -01:00:00
${startTime} Get Substring ${startTime} \ -4
#策略ID列表多个逗号分隔
${policy_ids} set variable 0,1
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} policy_ids=${policy_ids}
LogStatistics-hijack_scrip_num-00003
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable hijack_srcip_num
#请求地址 例如:/report/domain/recommend
${url} set variable /report/hijack_srcip_num
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#结束时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -1 days
${startTime} Get Substring ${startTime} \ -4
#策略ID列表多个逗号分隔
${policy_ids} set variable 0,1
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} policy_ids=${policy_ids}
LogStatistics-hijack_scrip_num-00004
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable hijack_srcip_num
#请求地址 例如:/report/domain/recommend
${url} set variable /report/hijack_srcip_num
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -7 days
${startTime} Get Substring ${startTime} \ -4
#策略ID列表多个逗号分隔
${policy_ids} set variable 0,1
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} policy_ids=${policy_ids}
LogStatistics-hijack_scrip_num-00005
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable hijack_srcip_num
#请求地址 例如:/report/domain/recommend
${url} set variable /report/hijack_srcip_num
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -30 days
${startTime} Get Substring ${startTime} \ -4
#策略ID列表多个逗号分隔
${policy_ids} set variable 0,1
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} policy_ids=${policy_ids}
LogStatistics-hijack_scrip_num-00006
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable hijack_srcip_num
#请求地址 例如:/report/domain/recommend
${url} set variable /report/hijack_srcip_num
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -365 days
${startTime} Get Substring ${startTime} \ -4
#策略ID列表多个逗号分隔
${policy_ids} set variable 0,1
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} policy_ids=${policy_ids}

111
01-TestCase/tsg_bfapi/api_log/LogStatistics-injectionstatistics.robot
View File

@@ -1,111 +0,0 @@
*** Settings ***
Resource ../../../02-Keyword/tsg_bfapi/LogStatistics.robot
Library DateTime
*** Test Cases ***
LogStatistics-injectionstatistics-00001
#120未更新
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable injectionstatistics
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/injectionstatistics
#开始时间格式Y-M-D h:i:s
${startTime} set variable 2020-04-26 16:40:01
#结束时间格式Y-M-D h:i:s
${endTime} set variable 2020-05-26 10:57:47
#返回结果记录数
${limit} set variable 50
#设备id多个id逗号分隔 \ 支持设备列表查询 后台查询条件如device_id in ($device_ids)
${device_ids} set variable CBT2201925000001
#统计时间粒度单位秒最小统计粒度为30秒
${timeGranularity} set variable 30
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity} limit=${limit} device_ids=${device_ids}
LogStatistics-injectionstatistics-00002
#120未更新
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable injectionstatistics
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/injectionstatistics
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -01:00:00
${startTime} Get Substring ${startTime} \ -4
#统计时间粒度单位秒最小统计粒度为30秒
${timeGranularity} set variable 30
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity}
LogStatistics-injectionstatistics-00003
#120未更新
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable injectionstatistics
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/injectionstatistics
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -1 days
${startTime} Get Substring ${startTime} \ -4
${device_ids} set variable CBT2201925000001
#统计时间粒度单位秒最小统计粒度为30秒
${timeGranularity} set variable 30
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity}
LogStatistics-injectionstatistics-00004
#120未更新
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable injectionstatistics
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/injectionstatistics
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -7 days
${startTime} Get Substring ${startTime} \ -4
${device_ids} set variable CBT2201925000001
#统计时间粒度单位秒最小统计粒度为30秒
${timeGranularity} set variable 30
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity}
LogStatistics-injectionstatistics-00005
#120未更新
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable injectionstatistics
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/injectionstatistics
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -30 days
${startTime} Get Substring ${startTime} \ -4
${device_ids} set variable CBT2201925000001
#统计时间粒度单位秒最小统计粒度为30秒
${timeGranularity} set variable 30
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity}
LogStatistics-injectionstatistics-00006
#120未更新
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable injectionstatistics
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/injectionstatistics
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -365 days
${startTime} Get Substring ${startTime} \ -4
${device_ids} set variable CBT2201925000001
#统计时间粒度单位秒最小统计粒度为30秒
${timeGranularity} set variable 30
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity}

113
01-TestCase/tsg_bfapi/api_log/LogStatistics-ip_correlation_domain.robot
View File

@@ -1,113 +0,0 @@
*** Settings ***
Resource ../../../02-Keyword/tsg_bfapi/LogStatistics.robot
Library DateTime
*** Test Cases ***
Statistics-ip_correlation_domain-00001
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable ip_correlation_domain
#请求地址 例如:/report/domain/recommend
${url} set variable /report/ip_correlation_domain
#开始时间格式Y-M-D h:i:s
${startTime} set variable 2020-04-01 16:05:04
#结束时间格式Y-M-D h:i:s
${endTime} set variable 2020-04-28 16:05:11
#IP
${ip} set variable 04.194.66.194
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} ip=${ip}
Statistics-ip_correlation_domain-00002
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable ip_correlation_domain
#请求地址 例如:/report/domain/recommend
${url} set variable /report/ip_correlation_domain
#开始时间格式Y-M-D h:i:s
${startTime} set variable 2020-04-01 16:05:04
#结束时间格式Y-M-D h:i:s
${endTime} set variable 2020-04-28 16:05:11
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime}
Statistics-ip_correlation_domain-00003
#最近一小时
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable ip_correlation_domain
#请求地址 例如:/report/domain/recommend
${url} set variable /report/ip_correlation_domain
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -01:00:00
${startTime} Get Substring ${startTime} \ -4
#IP
${ip} set variable 04.194.66.194
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} ip=${ip}
Statistics-ip_correlation_domain-00004
#最近一天
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable ip_correlation_domain
#请求地址 例如:/report/domain/recommend
${url} set variable /report/ip_correlation_domain
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -1 days
${startTime} Get Substring ${startTime} \ -4
#IP
${ip} set variable 04.194.66.194
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} ip=${ip}
Statistics-ip_correlation_domain-00005
#最近一周7天
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable ip_correlation_domain
#请求地址 例如:/report/domain/recommend
${url} set variable /report/ip_correlation_domain
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -7 days
${startTime} Get Substring ${startTime} \ -4
#IP
${ip} set variable 04.194.66.194
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} ip=${ip}
Statistics-ip_correlation_domain-00006
#最近一个月30天
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable ip_correlation_domain
#请求地址 例如:/report/domain/recommend
${url} set variable /report/ip_correlation_domain
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -30 days
${startTime} Get Substring ${startTime} \ -4
#IP
${ip} set variable 04.194.66.194
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} ip=${ip}
Statistics-ip_correlation_domain-00007
#最近一年
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable ip_correlation_domain
#请求地址 例如:/report/domain/recommend
${url} set variable /report/ip_correlation_domain
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -365 days
${startTime} Get Substring ${startTime} \ -4
#IP
${ip} set variable 04.194.66.194
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} ip=${ip}

19
01-TestCase/tsg_bfapi/api_log/LogStatistics-topn.robot
View File

@@ -1,19 +0,0 @@
*** Settings ***
Resource ../../../02-Keyword/tsg_bfapi/LogStatistics.robot
*** Test Cases ***
LogStatistics-topn-00001
#131已通过
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable topn
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/topn/domain
#开始时间格式Y-M-D h:i:s
${startTime} set variable 2020-04-26 18:38:07
#结束时间格式Y-M-D h:i:s
${endTime} set variable 2020-05-26 18:38:20
#排序依据: \ sessions、bytes、packets
${orderBy} set variable sessions
#limit int型
${limit} set variable 50
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} orderBy=${orderBy} limit=${limit}

130
01-TestCase/tsg_bfapi/api_log/LogStatistics-traffic.robot
View File

@@ -1,130 +0,0 @@
*** Settings ***
Resource ../../../02-Keyword/tsg_bfapi/LogStatistics.robot
Library DateTime
*** Test Cases ***
Statistics-traffic-00001
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable traffic
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/statisticsbyunit
#统计类型: bytes字节数 packets包数 sessions连接数 如不指定,则统计全部 statisticsUnit=${statisticUnit}
${statisticUnit} set variable bytes
#开始时间格式Y-M-D h:i:s
${startTime} set variable 2020-04-01 13:36:35
#结束时间格式Y-M-D h:i:s
${endTime} set variable 2020-04-28 16:04:56
#统计粒度单位秒仅用于趋势查询sql 缺省为30秒
${timeGranularity} set variable 70
${limit} set variable 1
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity} limit=${limit} statisticsUnit=${statisticUnit}
Statistics-traffic-00002
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable traffic
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/statisticsbyunit
#开始时间格式Y-M-D h:i:s
${startTime} set variable 2020-04-26 13:36:35
${endTime} set variable 2020-04-26 23:04:56
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime}
Statistics-traffic-00003
#最近一小时
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable traffic
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/statisticsbyunit
#统计类型: bytes字节数 packets包数 sessions连接数 如不指定,则统计全部 statisticsUnit=${statisticUnit}
${statisticUnit} set variable bytes
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -01:00:00
${startTime} Get Substring ${startTime} \ -4
#统计粒度单位秒仅用于趋势查询sql 缺省为30秒
${timeGranularity} set variable 70
${limit} set variable 1
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity} limit=${limit} statisticsUnit=${statisticUnit}
Statistics-traffic-00004
#最近一天
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable traffic
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/statisticsbyunit
#统计类型: bytes字节数 packets包数 sessions连接数 如不指定,则统计全部 statisticsUnit=${statisticUnit}
${statisticUnit} set variable bytes
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -1 days
${startTime} Get Substring ${startTime} \ -4
#统计粒度单位秒仅用于趋势查询sql 缺省为30秒
${timeGranularity} set variable 70
${limit} set variable 1
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity} limit=${limit} statisticsUnit=${statisticUnit}
Statistics-traffic-00005
#最近一周7天
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable traffic
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/statisticsbyunit
#统计类型: bytes字节数 packets包数 sessions连接数 如不指定,则统计全部 statisticsUnit=${statisticUnit}
${statisticUnit} set variable bytes
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -7 days
${startTime} Get Substring ${startTime} \ -4
#统计粒度单位秒仅用于趋势查询sql 缺省为30秒
${timeGranularity} set variable 70
${limit} set variable 1
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity} limit=${limit} statisticsUnit=${statisticUnit}
Statistics-traffic-00006
#最近一个月30天
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable traffic
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/statisticsbyunit
#统计类型: bytes字节数 packets包数 sessions连接数 如不指定,则统计全部 statisticsUnit=${statisticUnit}
${statisticUnit} set variable bytes
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -30 days
${startTime} Get Substring ${startTime} \ -4
#统计粒度单位秒仅用于趋势查询sql 缺省为30秒
${timeGranularity} set variable 70
${limit} set variable 1
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity} limit=${limit} statisticsUnit=${statisticUnit}
Statistics-traffic-00007
#最近一年365天
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable traffic
#请求地址 例如:/report/domain/recommend
${url} set variable /report/traffic/statisticsbyunit
#统计类型: bytes字节数 packets包数 sessions连接数 如不指定,则统计全部 statisticsUnit=${statisticUnit}
${statisticUnit} set variable bytes
#结束时间格式Y-M-D h:i:s
${Time} get current date
${endTime}= add time to date ${Time} -00:05:00
${endTime} Get Substring ${endTime} \ -4
#开始时间格式Y-M-D h:i:s
${startTime}= add time to date ${endTime}= -365 days
${startTime} Get Substring ${startTime} \ -4
#统计粒度单位秒仅用于趋势查询sql 缺省为30秒
${timeGranularity} set variable 70
${limit} set variable 1
GetApi ${apiName} ${url} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity} limit=${limit} statisticsUnit=${statisticUnit}

12
01-TestCase/tsg_bfapi/api_log/LogStatistics-url.robot
View File

@@ -1,12 +0,0 @@
*** Settings ***
Resource ../../../02-Keyword/tsg_bfapi/LogStatistics.robot
*** Test Cases ***
Statistics-url-00001
#apiName请求大数据时用于区分每个接口的sql
${apiName} set variable url
#请求地址 例如:/report/domain/recommend
${url} set variable /report/url/recommend
#统计时间, \ 查询最近24小时数据例如当前时间为2020-03-26 15:14:00, 查询时间应设为推前1小时的整点实际传入参数为 "2020-03-26 14:00:00" \ 响应参数说明
${statisticTime} set variable 2020-04-27 14:00:00
GetApi ${apiName} ${url} statisticTime=${statisticTime}

14
01-TestCase/tsg_bfapi/api_log/LogStatistics_Recommend.robot
View File

@@ -1,14 +0,0 @@
*** Settings ***
Resource ../../02-Keyword/tsg_bfapi/LogStatistics.robot
Library DateTime
*** Variables ***
${url} /report/url/recommend
*** Test Cases ***
LogStatistics-Recommend-00001
${Time} get current date
${endTime} add time to date ${Time} -01:00:00
${endTime} Get Substring ${endTime} \ -9
LOG ${endTime}00:00
Recommend ${url} ${endTime}00:00

30
01-TestCase/tsg_bfapi/api_log/LogStatistics_Timeandcount.robot
View File

@@ -1,30 +0,0 @@
*** Settings ***
Resource ../../02-Keyword/tsg_bfapi/LogStatistics.robot
*** Variables ***
${url} /report/policyevent/hit/timeandcount
*** Test Cases ***
LogStatistics-Timeandcount-00001
[Tags] security_event_hits_log类型正常输出 单policyId
Timeandcount ${url} security_event_hits_log 20515
LogStatistics_Timeandcount-00002
[Tags] security_event_hits_log类型正常输出 多ip
Timeandcount ${url} security_event_hits_log 14385,32601
LogStatistics_Timeandcount-00003
[Tags] proxy_event_hits_log类型正常输出 单ip
Timeandcount ${url} proxy_event_hits_log 34736
LogStatistics-Timeandcount-00004
[Tags] proxy_event_hits_log类型正常输出 多ip
Timeandcount ${url} proxy_event_hits_log 34752,34748
LogStatistics-Timeandcount-00005
[Tags] policyid与日志类型不符合 单ip
Timeandcount ${url} proxy_event_hits_log 20515
LogStatistics-Timeandcount-00006
[Tags] policyid与日志类型不符合 多ip
Timeandcount ${url} proxy_event_hits_log 14385,32601

26
01-TestCase/tsg_bfapi/api_log/LogStatistics_Trend.robot
View File

@@ -1,26 +0,0 @@
*** Settings ***
Resource ../../02-Keyword/tsg_bfapi/LogStatistics.robot
*** Variables ***
${url} /report/policyevent/hit/trend
*** Test Cases ***
LogStatistics-Trend-00001
[Tags] security_event_hits_log类型正常输出
Trend ${url} 2020-05-27 00:00:00 2020-05-27 15:00:00 security_event_hits_log 32601
LogStatistics-Trend-00002
[Tags] proxy_event_hits_log类型正常输出
Trend ${url} 2020-05-27 00:00:00 2020-05-27 17:00:00 proxy_event_hits_log 34358
LogStatistics-Trend-00003
[Tags] 日志类型和policyId不一致
Trend ${url} 2020-05-27 00:00:00 2020-05-27 15:00:00 proxy_event_hits_log 32601
LogStatistics-Trend-00004
[Tags] policyId不在此时间段产生流量
Trend ${url} 2020-05-27 00:00:00 2020-05-27 15:00:00 proxy_event_hits_log 34358
LogStatistics-Trend-00005
[Tags] policyId不在此时间段产生流量
Trend ${url} 2020-05-27 00:00:00 2020-05-27 15:00:00 security_event_hits_log 14385

19
01-TestCase/tsg_bfapi/dashboard_data_compare/ClientIPTopN.robot
View File

@@ -1,19 +0,0 @@
*** Settings ***
Force Tags tsg-bfapi dashboard clientIP topn
Library Collections
Library REST
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_bfapi/dashboard_data_compare/ClientIPTopN.robot
*** Test Cases ***
ClientIPTopN-0001
#dashboard 源IP统计 bifang和bigData对比
ClientIPTopN 1 bytes 5
ClientIPTopN-0002
#dashboard 源IP统计 bifang和bigData对比
ClientIPTopN 2 packets 5
ClientIPTopN-0003
#dashboard 源IP统计 bifang和bigData对比
ClientIPTopN 3 sessions 10

19
01-TestCase/tsg_bfapi/dashboard_data_compare/DomainTopN.robot
View File

@@ -1,19 +0,0 @@
*** Settings ***
Force Tags tsg-bfapi dashboard Domain topn
Library Collections
Library REST
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_bfapi/dashboard_data_compare/DomainTopN.robot
*** Test Cases ***
DomainTopN-0001
#dashboard 域名统计 bifang和bigData对比
DomainTopN 1 bytes 10
DomainTopN-0002
#dashboard 域名统计 bifang和bigData对比
DomainTopN 2 packets 10
DomainTopN-0003
#dashboard 域名统计 bifang和bigData对比
DomainTopN 3 sessions 10

103
01-TestCase/tsg_bfapi/dashboard_data_compare/PolicyActionHitStatistics.robot
View File

@@ -1,103 +0,0 @@
*** Settings ***
Force Tags tsg-bfapi dashboard policy action
Library Collections
Library REST
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_bfapi/dashboard_data_compare/PolicyActionHitStatistics.robot
*** Test Cases ***
SecurityEventActionHit-bytes-0001
# dashboard界面 安全策略各动作命中计数 bytes bifang和bigData对比
SecurityEventActionHit-bytes 1 300 5
SecurityEventActionHit-bytes-0002
# dashboard界面 安全策略各动作命中计数 bytes bifang和bigData对比
SecurityEventActionHit-bytes 2 600 5
SecurityEventActionHit-bytes-0003
# dashboard界面 安全策略各动作命中计数 bytes bifang和bigData对比
SecurityEventActionHit-bytes 3 600 10
SecurityEventActionHit-packets-0001
# dashboard界面 安全策略各动作命中计数 packets bifang和bigData对比
SecurityEventActionHit-packets 1 300 5
SecurityEventActionHit-packets-0002
# dashboard界面 安全策略各动作命中计数 packets bifang和bigData对比
SecurityEventActionHit-packets 2 600 5
SecurityEventActionHit-packets-0003
# dashboard界面 安全策略各动作命中计数 packets bifang和bigData对比
SecurityEventActionHit-packets 3 600 10 2020-03-31 16:00:00 2020-04-07 16:00:00
SecurityEventActionHit-sessions-0001
# dashboard界面 安全策略各动作命中计数 sessions bifang和bigData对比
SecurityEventActionHit-sessions 1 300 5
SecurityEventActionHit-sessions-0002
# dashboard界面 安全策略各动作命中计数 sessions bifang和bigData对比
SecurityEventActionHit-sessions 2 300 5
SecurityEventActionHit-sessions-0003
# dashboard界面 安全策略各动作命中计数 sessions bifang和bigData对比
SecurityEventActionHit-sessions 3 300 10
SecurityEventActionHit-thrend-bytes-0001
# dashboard界面 安全策略各动作命中计数趋势 bytes bifang和bigData对比
SecurityEventActionHit-thrend-bytes 1 300 5
SecurityEventActionHit-thrend-bytes-0002
# dashboard界面 安全策略各动作命中计数趋势 bytes bifang和bigData对比
SecurityEventActionHit-thrend-bytes 2 300 5
SecurityEventActionHit-thrend-bytes-0003
# dashboard界面 安全策略各动作命中计数趋势 bytes bifang和bigData对比
SecurityEventActionHit-thrend-bytes 3 600 10
SecurityEventActionHit-thrend-packets-0001
# dashboard界面 安全策略各动作命中计数趋势 packets bifang和bigData对比
SecurityEventActionHit-thrend-packets 1 300 5
SecurityEventActionHit-thrend-packets-0002
# dashboard界面 安全策略各动作命中计数趋势 packets bifang和bigData对比
SecurityEventActionHit-thrend-packets 2 300 5
SecurityEventActionHit-thrend-packets-0003
# dashboard界面 安全策略各动作命中计数趋势 packets bifang和bigData对比
SecurityEventActionHit-thrend-packets 3 600 10
SecurityEventActionHit-thrend-sessions-0001
# dashboard界面 安全策略各动作命中计数趋势 sessions bifang和bigData对比
SecurityEventActionHit-thrend-sessions 1 300 5
SecurityEventActionHit-thrend-sessions-0002
# dashboard界面 安全策略各动作命中计数趋势 sessions bifang和bigData对比
SecurityEventActionHit-thrend-sessions 2 300 5
SecurityEventActionHit-thrend-sessions-0003
# dashboard界面 安全策略各动作命中计数趋势 sessions bifang和bigData对比
SecurityEventActionHit-thrend-sessions 3 600 10
ProxyEventActionHit-sessions-0001
# dashboard界面 代理策略各动作命中计数 sessions bifang和bigData对比
ProxyEventActionHit-sessions 1 300 5
ProxyEventActionHit-sessions-0002
# dashboard界面 代理策略各动作命中计数 sessions bifang和bigData对比
ProxyEventActionHit-sessions 2 300 5
ProxyEventActionHit-sessions-0003
# dashboard界面 代理策略各动作命中计数 sessions bifang和bigData对比
ProxyEventActionHit-sessions 3 600 10
ProxyEventActionHit-trend-sessions-0001
# dashboard界面 代理策略各动作命中计数趋势 sessions bifang和bigData对比
ProxyEventActionHit-trend-sessions 1 300 5
ProxyEventActionHit-trend-sessions-0002
# dashboard界面 代理策略各动作命中计数趋势 sessions bifang和bigData对比
ProxyEventActionHit-trend-sessions 2 300 5
ProxyEventActionHit-trend-sessions-0003
# dashboard界面 代理策略各动作命中计数趋势 sessions bifang和bigData对比
ProxyEventActionHit-trend-sessions 3 600 10

30
01-TestCase/tsg_bfapi/dashboard_data_compare/PolicyEventHitTopN.robot
View File

@@ -1,30 +0,0 @@
*** Settings ***
Force Tags tsg-bfapi dashboard policy topn
Library Collections
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_bfapi/dashboard_data_compare/PolicyEventHitTopN.robot
*** Test Cases ***
SecurityEventHitTopN-0001
# dashboard界面 安全策略命中TopN bifang和bigData对比
SecurityEventHit 1 10
SecurityEventHitTopN-0002
# dashboard界面 安全策略命中TopN bifang和bigData对比
SecurityEventHit 2 10
SecurityEventHitTopN-0003
# dashboard界面 安全策略命中TopN bifang和bigData对比
SecurityEventHit 3 10
ProxyEventHitTopN-0001
# dashboard界面 代理策略命中TopN bifang和bigData对比
ProxyEventHit 1 10
ProxyEventHitTopN-0002
# dashboard界面 代理策略命中TopN bifang和bigData对比
ProxyEventHit 2 10
ProxyEventHitTopN-0003
# dashboard界面 代理策略命中TopN bifang和bigData对比
ProxyEventHit 3 10

32
01-TestCase/tsg_bfapi/dashboard_data_compare/ProxyPinningStatistics.robot
View File

@@ -1,32 +0,0 @@
*** Settings ***
Force Tags tsg-bfapi dashboard proxy pinning
Library Collections
Library REST
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_bfapi/dashboard_data_compare/ProxyPinningStatistics.robot
*** Test Cases ***
ProxyPinning-0001
# dashboard界面 Proxy Pinning计数 bifang和bigData对比
ProxyPinning 1 300 5
ProxyPinning-0002
# dashboard界面 Proxy Pinning计数 bifang和bigData对比
ProxyPinning 2 300 5
ProxyPinning-0003
# dashboard界面 Proxy Pinning计数 bifang和bigData对比
ProxyPinning 3 600 10
ProxyPinning-trend-0001
# dashboard界面 Proxy Pinning计数 bifang和bigData对比
ProxyPinningTrend 1 300 5
ProxyPinning-trend-0002
# dashboard界面 Proxy Pinning计数 bifang和bigData对比
ProxyPinningTrend 2 300 5
ProxyPinning-trend-0003
# dashboard界面 Proxy Pinning计数 bifang和bigData对比
ProxyPinningTrend 3 600 10

19
01-TestCase/tsg_bfapi/dashboard_data_compare/ServiceIPTopN.robot
View File

@@ -1,19 +0,0 @@
*** Settings ***
Force Tags tsg-bfapi dashboard serviceIP topn
Library Collections
Library REST
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_bfapi/dashboard_data_compare/ServiceIPTopN.robot
*** Test Cases ***
ServiceIPTopN-0001
#dashboard 目的IP统计 bifang和bigData对比
ServiceIPTopN 1 bytes 10
ServiceIPTopN-0002
#dashboard 目的IP统计 bifang和bigData对比
ServiceIPTopN 2 packets 10
ServiceIPTopN-0003
#dashboard 目的IP统计 bifang和bigData对比
ServiceIPTopN 3 sessions 10

19
01-TestCase/tsg_bfapi/dashboard_data_compare/SubscriberidTopN.robot
View File

@@ -1,19 +0,0 @@
*** Settings ***
Force Tags tsg-bfapi dashboard subscriberid topn
Library Collections
Library REST
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_bfapi/dashboard_data_compare/SubscriberidTopN.robot
*** Test Cases ***
SubscriberidTopN-0001
#dashboard 用户TopN统计 bifang和bigData对比
SubscriberidTopN 1 bytes 10
SubscriberidTopN-0002
#dashboard 用户TopN统计 bifang和bigData对比
SubscriberidTopN 2 packets 10
SubscriberidTopN-0003
#dashboard 用户TopN统计 bifang和bigData对比
SubscriberidTopN 3 sessions 10

31
01-TestCase/tsg_bfapi/dashboard_data_compare/TrafficSessionNewLiveStatistic.robot
View File

@@ -1,31 +0,0 @@
*** Settings ***
Force Tags tsg-bfapi dashboard traffic newCount liveCount
Library Collections
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_bfapi/dashboard_data_compare/TrafficSessionNewLiveStatistic.robot
*** Test Cases ***
SessionStatistics-NewLive-0001
# dashboard界面新建和活跃连接数统计 bifang和bigData对比
SessionStatistics-NewLive 1
SessionStatistics-NewLive-0002
# dashboard界面新建和活跃连接数统计 bifang和bigData对比
SessionStatistics-NewLive 2
SessionStatistics-NewLive-0003
# dashboard界面新建和活跃连接数统计 bifang和bigData对比
SessionStatistics-NewLive 3
SessionStatistics-NewLiveTrend-0001
# dashboard界面新建和活跃连接数趋势 bifang和bigData对比
SessionStatistics-NewLive-Trend 1 60 5
SessionStatistics-NewLiveTrend-0002
# dashboard界面新建和活跃连接数趋势 bifang和bigData对比
SessionStatistics-NewLive-Trend 2 300 5
SessionStatistics-NewLiveTrend-0003
# dashboard界面新建和活跃连接数趋势 bifang和bigData对比
SessionStatistics-NewLive-Trend 3 600 10

79
01-TestCase/tsg_bfapi/dashboard_data_compare/TrafficStatistics.robot
View File

@@ -1,79 +0,0 @@
*** Settings ***
Force Tags tsg-bfapi dashboard traffic
Library Collections
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_bfapi/dashboard_data_compare/TrafficStatistics.robot
*** Test Cases ***
TrafficStatistics-bytes-0001
# Traffics-带宽统计 统计类型bytes bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-bytes 1
TrafficStatistics-bytes-0002
# Traffics-带宽统计 统计类型bytes bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-bytes 2
TrafficStatistics-bytes-0003
# Traffics-带宽统计 统计类型bytes bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-bytes 3
TrafficStatistics-packets-0001
# Traffics-带宽统计 统计类型packets bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-packets 1 2020-04-06 10:00:00 2020-04-06 12:00:00
TrafficStatistics-packets-0002
# Traffics-带宽统计 统计类型packets bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-packets 2
TrafficStatistics-packets-0003
# Traffics-带宽统计 统计类型packets bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-packets 3
TrafficStatistics-sessions-0001
# Traffics-带宽统计 统计类型sessions bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-sessions 1
TrafficStatistics-sessions-0002
# Traffics-带宽统计 统计类型sessions bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-sessions 2
TrafficStatistics-sessions-0003
# Traffics-带宽统计 统计类型sessions bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-sessions 3
TrafficStatistics-trend-bytes-0001
# Traffics-带宽趋势 统计类型bytes bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-trend-bytes 1 60 5
TrafficStatistics-trend-bytes-0002
# Traffics-带宽趋势 统计类型bytes bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-trend-bytes 2 300 5
TrafficStatistics-trend-bytes-0003
# Traffics-带宽趋势 统计类型bytes bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-trend-bytes 3 300 10
TrafficStatistics-trend-packets-0001
# Traffics-带宽趋势 统计类型packets bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-trend-packets 1 60 5
TrafficStatistics-trend-packets-0002
# Traffics-带宽趋势 统计类型packets bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-trend-packets 2 60 10
TrafficStatistics-trend-packets-0003
# Traffics-带宽趋势 统计类型packets bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-trend-packets 3 300 10
TrafficStatistics-trend-sessions-0001
# Traffics-带宽趋势 统计类型sessions bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-trend-sessions 1 60 5
TrafficStatistics-trend-sessions-0002
# Traffics-带宽趋势 统计类型sessions bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-trend-sessions 2 60 10
TrafficStatistics-trend-sessions-0003
# Traffics-带宽趋势 统计类型sessions bifang和bigData对比 Traffic IN/OUT
Dashboard-Traffic-trend-sessions 3 300 10

19
01-TestCase/tsg_bfapi/dashboard_data_compare/UrlTopN.robot
View File

@@ -1,19 +0,0 @@
*** Settings ***
Force Tags tsg-bfapi dashboard url topn
Library Collections
Library REST
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_bfapi/dashboard_data_compare/UrlTopN.robot
*** Test Cases ***
UrlTopN-0001
#dashboard Url统计 bifang和bigData对比
UrlTopN 1 10
UrlTopN-0002
#dashboard Url统计 bifang和bigData对比
UrlTopN 2 10
UrlTopN-0003
#dashboard Url统计 bifang和bigData对比
UrlTopN 3 10

50
01-TestCase/tsg_bfapi/policy_file_interface/ClearAllPolicy.robot
View File

@@ -1,50 +0,0 @@
*** Settings ***
Force Tags tsg_bf_api Clear_All_Policys
Library String
Library OperatingSystem
Library Selenium2Library
Library Collections
Resource ../../../02-Keyword/tsg_bfapi/Common.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot
Resource ../../../03-Variable/BifangApiVariable.txt
*** Variables ***
${url1} /policy/profile/keyringobj
${url2} /policy/profile/trustedcacertobj
${url3} /policy/profile/responsepages
${url4} /policy/profile/hijackfiles
${url5} /policy/profile/insertscripts
${url6} /policy/profile/trafficmirror
*** Test Cases ***
Keyring Policy delete all case
# 清空所有策略!!!
${reqData} Create Dictionary isClear=true
DeletePolicyFile ${url1} ${reqData}
Trusted Cert Policy delete all case
# 清空所有策略!!!
${reqData} Create Dictionary isClear=true
DeletePolicyFile ${url2} ${reqData}
Response Pages Policy delete all case
# 清空所有策略!!!
${reqData} Create Dictionary isClear=true
DeletePolicyFile ${url3} ${reqData}
Hijack Files Policy delete all case
# 清空所有策略!!!
${reqData} Create Dictionary isClear=true
DeletePolicyFile ${url4} ${reqData}
Insert Scripts Policy delete all case
# 清空所有策略!!!
${reqData} Create Dictionary isClear=true
DeletePolicyFile ${url5} ${reqData}
Traffic Mirror Policy delete all case
# 清空所有策略!!!
${reqData} Create Dictionary isClear=true
DeletePolicyFile ${url6} ${reqData}

64
01-TestCase/tsg_bfapi/policy_file_interface/Decryption.robot
View File

@@ -1,64 +0,0 @@
*** Settings ***
Test Teardown TeardownDelete ${url} profileIds ${profileId}
Force Tags tsg_bf_api Response_Pages
Library String
Library OperatingSystem
Library Selenium2Library
Library Collections
Resource ../../../02-Keyword/tsg_bfapi/Common.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot
Resource ../../../03-Variable/BifangApiVariable.txt
*** Variables ***
${url} /policy/profile/decryption
${profileId} ${EMPTY}
*** Test Cases ***
Decryption_ADD_001
Comment 全串{"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{"dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
Comment "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
Comment "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
Comment dynamic_bypass
Comment 拦截排除参数对象
Comment ev_cert Integer 是 ON/OFF,缺省OFF1表示ON,0表示OFF
Comment cert_transparency Integer 是 ON/OFF,缺省OFF1表示ON,0表示OFF
Comment mutual_authentication Integer 是 ON/OFF,缺省ON1表示ON,0表示OFF
Comment cert_pinning Integer 是 Blocl/Bypass,缺省Block1表示Block,0表示Bypass
Comment protocol_errors Integer 是 ON/OFF,缺省ON1表示ON,0表示OFF
Comment protocol_version Object 是 协议版本对象
Comment min Integer 否 如果mirror_client=1则此参数可为空
Comment max Integer 否 如果mirror_client=1则此参数可为空
Comment mirror_client Integer 是 ON/OFF,缺省ON1表示ON,0表示OFF
Comment allow_http2 Integer 是 1表示ON,0表示OFF
Comment certificate_checks Object 是 证书检查参数对象
Comment approachObject 是 certificateChecksObj对象参数
Comment cn Integer 是 approach对象参数,ON/OFF,缺省ON, 1表示ON,0表示OFF
Comment issuer Integer 是 approach对象参数,ON/OFF,缺省ON, 1表示ON,0表示OFF
Comment self-signed Integer 是 approach对象参数 ON/OFF,缺省ON, 1表示ON,0表示OFF
Comment expiration Integer 是 approach对象参数ON/OFF,缺省ON, 1表示ON,0表示OFF
Comment fail_action String 是 certificateChecksObj对象参数,值为: fail-close pass-through
Comment isValid Integer 是 是否有效
Comment isInitialize Integer 否 0非内置缺省 1内置
${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${data} Create List ${requestbody}
${response} CreatePolicyFileNoFile ${url} ${data}
# 查询
${profileId} Get From Dictionary ${response} profileId
${profileName} Get From Dictionary ${response} profileName
QueryPolicyFile ${url} profileId=${profileId}&profileName=${profileName}
# 修改
${dynamic_bypass}="dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"cert_pinning":0,"protocol_errors":0}
${protocol_version}="protocol_version":{"min":"ssl3","max":"tls13","mirror_client":0,"allow_http2":0}
${certificate_checks}="certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"}
${requestbody}={"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_edit","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":0,"isInitialize":0,"profileDesc":""}]}
@{data} set variable ${requestbody}
UpdatePolicyFile2 ${url} ${reqData_edit} @{data}

31
01-TestCase/tsg_bfapi/policy_file_interface/HijackFilesPolicy.robot
View File

@@ -1,31 +0,0 @@
*** Settings ***
Test Teardown TeardownDelete ${url} profileIds ${profileId}
Force Tags tsg_bf_api Hijack_Files
Library String
Library OperatingSystem
Library Selenium2Library
Library Collections
Resource ../../../02-Keyword/tsg_bfapi/Common.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot
Resource ../../../03-Variable/BifangApiVariable.txt
*** Variables ***
${url} /policy/profile/hijackfiles
${profileId} ${EMPTY}
*** Test Cases ***
Hijack Files Policy CRUD case
# 新增
${response} CreatePolicyFile2 ${url} hijack_files/ Create-Hijack Files-test-3.html hijack
# 查询
${profileId} Get From Dictionary ${response} profileId
${profileName} Get From Dictionary ${response} profileName
QueryPolicyFile ${url} profileId=${profileId}&profileName=${profileName}
# 修改
${header_edit} Set Variable {"isValid":1,"contentType":"image/png","opAction":"update","profileName":"test_edit","contentName":"Create-Hijack Files-test-5.png","profileId":"${profileId}","returnData":1}
UpdatePolicyFile ${url} Hijack Files-files/ Create-Hijack Files-test-5.png ${header_edit}

283
01-TestCase/tsg_bfapi/policy_file_interface/Hijack_file_24_type.robot
View File

@@ -1,283 +0,0 @@
*** Settings ***
Test Teardown TeardownDelete ${url} profileIds ${profileId}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../03-Variable/AllFlowCaseVariable.txt
Resource ../../../03-Variable/Policy_Objects_Module.txt
Library Custometest
*** Variables ***
${url} /policy/profile/hijackfiles
${profileId} ${EMPTY}
*** Keywords ***
ProfileComman
[Arguments] ${objectedit} ${type}
${default_json} ${default_files} ${default_url} Run Keyword If "${type}"=="hijack" Set Variable ${setting_proxy_profiles_hijack} hijack_files/ /policy/profile/hijackfiles
... ELSE IF Run Keyword If "${type}"=="insert" Set Variable ${setting_proxy_profiles_insert} insert_files/ /policy/profile/insertfiles
... ELSE Set Variable a b c
${objectDict} Jsoneditmanu ${default_json} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${default_url} ${default_files} ${objectDict}
[Return] ${response}
*** Test Cases ***
Hijack_file_24_type-test
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=Hijack_file_24_type-00000 contentName=Create-Hijack Files-test-0.apk contentType=application/vnd.android.package-archive
${response} ProfileComman ${objectedit} hijack
Hijack_file_24_type-00000
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=Hijack_file_24_type-00000 contentName=Create-Hijack Files-test-0.apk contentType=application/vnd.android.package-archive
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00001
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-1.exe contentType=application/x-msdos-program
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00002
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-2.gif contentType=image/gif
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00003
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-3.html contentType=text/html
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00004
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-4.jpeg contentType=image/jpeg
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00005
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-5.png contentType=image/png
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00005-1
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-5.png contentType=application/x-png
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00006
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-6.svg contentType=image/svg%2Bxml
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00007
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-7.rpm contentType=audio/x-pn-realaudio-plugin
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00008
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-8.dmg contentType=application/x-apple-diskimage
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00009
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-9.js contentType=application/x-javascript
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00010
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-10.rar contentType=application/octet-stream
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00011
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-11.zip contentType=application/x-zip-compressed
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00012
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-12.doc contentType=application/msword
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00013
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-13.docx contentType=application/vnd.openxmlformats-officedocument.wordprocessingml.document
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00014
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-14.json contentType=application/json
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00015
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-15.xml contentType=text/xml
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00016
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-16.pdf contentType=application/pdf
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00017
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-17.xls contentType=application/vnd.ms-excel
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00017-1
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-17.xls contentType=application/x-xls
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00018
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-18.xlsx contentType=application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00019
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-19.ppt contentType=application/vnd.ms-powerpoint
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00019-1
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-19.ppt contentType=application/x-ppt
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00020
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-20.pptx contentType=application/vnd.openxmlformats-officedocument.presentationml.presentation
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00021
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-21.odt contentType=application/vnd.oasis.opendocument.text
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00022
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-22.css contentType=text/css
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00023
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-23.csv contentType=text/comma-separated-values
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}
Hijack_file_24_type-00024
#Hijack 需要修改的内容
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-24.plain contentType=text/plain
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ ${objectDict}

31
01-TestCase/tsg_bfapi/policy_file_interface/InsertScriptsPolicy.robot
View File

@@ -1,31 +0,0 @@
*** Settings ***
Test Teardown TeardownDelete ${url} profileIds ${profileId}
Force Tags tsg_bf_api Insert_Scripts
Library String
Library OperatingSystem
Library Selenium2Library
Library Collections
Resource ../../../02-Keyword/tsg_bfapi/Common.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot
Resource ../../../03-Variable/BifangApiVariable.txt
*** Variables ***
${url} /policy/profile/insertscripts
${profileId} ${EMPTY}
*** Test Cases ***
Insert Scripts Policy CRUD case
# 新增
${response} CreatePolicyFile2 ${url} insert_files/ Create-Insert Scripts-test-1.js insert
# 查询
${profileId} Get From Dictionary ${response} profileId
${profileName} Get From Dictionary ${response} profileName
QueryPolicyFile ${url} profileId=${profileId}&profileName=${profileName}
# 修改
${reqHeader_edit} Set Variable {"isValid":1,"format":"css","opAction":"update","profileName":"test_edit","profileId":"${profileId}","returnData":1}
UpdatePolicyFile ${url} Insert Scripts-files/ Create-Insert Scripts-test.css ${reqHeader_edit}

Some files were not shown because too many files have changed in this diff Show More