*** Settings *** Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} Force Tags tsg_adc Security_Policy Library OperatingSystem Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt *** Variables *** ${policyIds} ${EMPTY} ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Allow-Http-00001 [Tags] ip Selfserver Intercept HTTP Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol: HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓 ... ELSE Create List 酒店式公寓 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Allow-Http-00002 [Tags] Selfserver Intercept HTTP ip+cat右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment FQDN ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId},${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员 ... ELSE Create List 关闭播放器 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Allow-Http-00003 [Tags] Selfserver Intercept HTTP ip+fqdn完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment FQDN ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId},${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat ... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank ... ELSE Create List nationalbank ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com