*** Settings *** Force Tags tsg_adc_wp adc_api security_policy Library OperatingSystem Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../02-Keyword/tsg_adc/FileOperation.robot Resource ../../../02-Keyword/tsg_adc/FileOperation.robot Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot Resource ../../../03-Variable/ApplicationID.txt *** Test Cases *** SecurityPolicy-Deny-Ssl-00001 [Tags] sni fqdn完整和右匹配 update policy:ip geo,fqdn_sni Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.cxwl.com,*freestockimages.ru ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建fqdn2 ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*www.cxwl.com ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建ip geo ${addItemList1} Create Dictionary keywordArray=XXG地区.* ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=geo_location isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId2} AddObjects ${1} ${objectDict} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Ssl-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"rst"} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyId} Get-Pids ${policyId} ${policyId} Set Variable ${policyId}[0] insert_policyId_to_file1 deny_ssl_objectId ${objectId} insert_policyId_to_file1 deny_ssl_objectId4 ${objectId1} insert_policyId_to_file1 deny_ssl_objectId5 ${objectId2} insert_policyId_to_file1 deny_ssl_policyId ${policyId} SecurityPolicy-Deny-Ssl-00002 [Tags] cn cat右匹配 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*amesweb.info,*rentar.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Ssl-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"rst"} filterList=153|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyId} Get-Pids ${policyId} ${policyId} Set Variable ${policyId}[0] insert_policyId_to_file1 deny_ssl_objectId1 ${objectId} insert_policyId_to_file1 deny_ssl_policyId1 ${policyId} SecurityPolicy-Deny-Ssl-00003 [Tags] san cat右匹配 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*austinama.org,*assegaimedia.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Ssl-00003 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"drop"} filterList=110|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyId} Get-Pids ${policyId} ${policyId} Set Variable ${policyId}[0] insert_policyId_to_file1 deny_ssl_objectId2 ${objectId} insert_policyId_to_file1 deny_ssl_policyId2 ${policyId} SecurityPolicy-Deny-Ssl-00004 [Tags] 最大组合 update policy:fqdn_sni,fqdn_san,fqdn_cn Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*prlib.ru ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建fqdn2 ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.prlib.ru ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Ssl-00004 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"drop"} filterList=${objectId}|TSG_FIELD_SSL_SAN,${objectId}|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_CN isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyId} Get-Pids ${policyId} ${policyId} Set Variable ${policyId}[0] insert_policyId_to_file1 deny_ssl_objectId3 ${objectId} insert_policyId_to_file1 deny_ssl_objectId6 ${objectId1} insert_policyId_to_file1 deny_ssl_policyId3 ${policyId} SecurityPolicy-Deny-Ssl-00005 [Tags] update policy:destination learning Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*leisu.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Ssl-00005 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"drop"} filterList=${objectId}|TSG_FIELD_SSL_SAN,${objectId}|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_CN isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyId} Get-Pids ${policyId} ${policyId} Set Variable ${policyId}[0] insert_policyId_to_file1 deny_ssl_objectId7 ${objectId} insert_policyId_to_file1 deny_ssl_policyId4 ${policyId} SecurityPolicy-Deny-Ssl-00006 [Tags] the minimum match Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Ssl-00006 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"drop"} isValid=${0} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyId} Get-Pids ${policyId} ${policyId} Set Variable ${policyId}[0]