*** Settings *** Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids} policyids1=${policyIds1} url=${url} profiledId=${profiledId} Force Tags tsg_adc tsg_security Library OperatingSystem Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../02-Keyword/tsg_adc/FileOperation.robot Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot Resource ../../../03-Variable/ApplicationID.txt Resource ../../../03-Variable/BifangApiVariable.txt Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot Library ../../../04-CustomLibrary/Library/VerifyPolicy.py *** Variables *** ${policyIds} ${EMPTY} ${objectids} ${EMPTY} ${url} /v1/policy/profile/responsepages ${profiledId} ${EMPTY} *** Test Cases *** ProxyPolicy-deny-00001 [Tags] Deny IP HTTP Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"block","message":"重新开始","code":403,"protocol":"HTTP"} isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00001.bat ... ELSE set variable curl -kv \ https://newsela.com/about/content/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List 重新开始 Tango Secure Gateway CA ... ELSE Create List 重新开始 Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host http_url Should Be Equal As Strings ${returnvalue} true ProxyPolicy-deny-http-00002 [Tags] Deny IP HTTP HOST Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建fqdn ${addItemList1} Create Dictionary keywordArray=*kingidentity.com isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment #创建引用文件 ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages ${profiledId} Get From Dictionary ${response} profileId Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${fqdn} Create Dictionary attributeType=string attributeName=host appId=67 appName=http protocol=http attributeValue={"string": "kingidentity.com"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${fqdn} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00002.bat ... ELSE set variable curl -kv \ \ https://kingidentity.com/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host kingidentity.com Should Be Equal As Strings ${returnvalue} true ProxyPolicy-deny-00003 [Tags] Deny IP HTTP URL Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建url ${addItemList1} Create Dictionary keywordArray=creativetravelgroup.com isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment #创建引用文件 ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages ${profiledId} Get From Dictionary ${response} profileId Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${url1} Create Dictionary attributeType=string attributeName=url appId=67 appName=http protocol=http attributeValue={"string": "creativetravelgroup.com"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${url1} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00003_1.bat ... ELSE set variable curl -kv \ https://creativetravelgroup.com/ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00003_1.bat ... ELSE set variable curl -kv \ https://creativetravelgroup.com/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List head404 Tango Secure Gateway CA ... ELSE Create List head404 Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host creativetravelgroup.com Should Be Equal As Strings ${returnvalue} true ProxyPolicy-deny-00004 [Tags] Deny IP HTTP User-Agent Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment User-Agent ${addItemList1} Create Dictionary keywordArray=Mozilla/5.0* isHexbin=${0} district=User-Agent ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"block","message":"qwertyuiop","code":404,"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${req_hdr_ua} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "Mozilla/5.0","district": "User-Agent"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${req_hdr_ua} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00004.bat ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'https://www.baidu.com/' https://www.usdebtclock.org/state-debt-clocks/state-of-california-debt-clock.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List qwertyuiop Tango Secure Gateway CA ... ELSE Create List qwertyuiop Tango Secure Gateway CA Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00004.bat ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'https://www.baidu.com/' https://www.usdebtclock.org/state-debt-clocks/state-of-california-debt-clock.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List qwertyuiop Tango Secure Gateway CA ... ELSE Create List qwertyuiop Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host www.usdebtclock.org Should Be Equal As Strings ${returnvalue} true ProxyPolicy-deny-0005 [Tags] Deny IP HTTP Content-Type Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment Content-Type ${addItemList1} Create Dictionary keywordArray=*utf-8 isHexbin=${0} district=Content-Type ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建引用文件 ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages ${profiledId} Get From Dictionary ${response} profileId Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"block","html_profile":${profiledId},"code":451,"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${res_hdr_ct} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "utf-8","district": "Content-Type"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${res_hdr_ct} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00008.bat ... ELSE set variable curl http://www.6renyou.com/user_comment/index ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host www.6renyou.com Should Be Equal As Strings ${returnvalue} true ProxyPolicy-deny-00006 [Tags] Deny IP HTTP Cookie Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment Cookie ${addItemList1} Create Dictionary keywordArray=saltkey isHexbin=${0} district=Cookie ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"block","message":"123456789","code":404,"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${req_hdr_ck} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "saltkey","district": "Cookie"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${req_hdr_ck} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00012.bat ... ELSE set variable curl -kv --cookie "lQfQ_2132_saltkey=t8WY1oPe; lQfQ_2132_lastvisit=1595381790; lQfQ_2132_sid=vqXOg6; lQfQ_2132_lastact=1595385400%09forum.php%09image" --referer 'https://www.baidu.com/' \ https://www.youqulu.com/category/zixun ${stringlist} run keyword if '${systemType}'=='Windows' Create List 123456789 Tango Secure Gateway CA ... ELSE Create List 123456789 Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host www.youqulu.com Should Be Equal As Strings ${returnvalue} true ProxyPolicy-deny-00007 [Tags] Deny IP HTTP Set-Cookie Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment Set-Cookie ${addItemList1} Create Dictionary keywordArray=irkzadmin_session* isHexbin=${0} district=Set-Cookie ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"block","message":"一直相信","code":403,"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${res_hdr_sc} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "irkzadmin_session","district": "Set-Cookie"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${res_hdr_sc} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00013_3.bat ... ELSE set variable curl -kv \ https://nationalbank.kz/?switch=kazakh ${stringlist} run keyword if '${systemType}'=='Windows' Create List 一直相信 Tango Secure Gateway CA ... ELSE Create List 一直相信 Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host nationalbank.kz Should Be Equal As Strings ${returnvalue} true ProxyPolicy-deny-00008 [Tags] Deny IP HTTP Request Content Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment Request Content ${addItemList1} Create Dictionary keywordArray=ProxydenyTest001401 isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"block","message":"涨涨涨涨","code":404,"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${req_body} Create Dictionary attributeType=string attributeName=req_body appId=67 appName=http protocol=http attributeValue={"string": "ProxydenyTest001401"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${req_body} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00014.bat ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=1234567&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset ... ELSE Create List Connection was reset ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host open.node.com Should Be Equal As Strings ${returnvalue} true ProxyPolicy-deny-00009 [Tags] Deny IP HTTP Response Content Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment Response Content ${addItemList1} Create Dictionary keywordArray=NOFOLLOW isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"block","message":"涨涨涨涨","code":404,"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${res_body} Create Dictionary attributeType=string attributeName=res_body appId=67 appName=http protocol=http attributeValue={"string": "NOFOLLOW"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${res_body} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00017.bat ... ELSE set variable curl -kv --cookie "test%20cookie=null; timezoneoffset=-480; ASP.NET_SessionId=sta2b3gxpxzqei3by1ka3qsa; visid_incap_1010467=Iu/pLzeoTnGn2VDjWdP9GpoBGF8AAAAAQUIPAAAAAADzSLZtZ1tZ/Rbjfct3Nq69" --referer 'https://www.baidu.com/' \ https://www.umusicpub.com/au/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA ... ELSE Create List Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host www.umusicpub.com Should Be Equal As Strings ${returnvalue} true ProxyPolicy-deny-00010 [Tags] Deny IP HTTP 最大组合1 Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建fqdn ${addItemList1} Create Dictionary keywordArray=$www.umusicpub.com isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建url ${addItemList1} Create Dictionary keywordArray=sicpub.com isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId2} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2} Comment Cookie ${addItemList1} Create Dictionary keywordArray=timezoneoffset isHexbin=${0} district=Cookie ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId3} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId3} Comment Set-Cookie ${addItemList1} Create Dictionary keywordArray=Domain=.umusicpub.com isHexbin=${0} district=Set-Cookie ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId4} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId4} Comment Response Content ${addItemList1} Create Dictionary keywordArray=NOFOLLOW isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId5} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId5} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"block","message":"涨涨涨涨","code":404,"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST,${objectId2}|TSG_FIELD_HTTP_URL,${objectId3}|TSG_FIELD_HTTP_REQ_HDR,${objectId4}|TSG_FIELD_HTTP_RES_HDR,${objectId5}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${fqdn} Create Dictionary attributeType=string attributeName=host appId=67 appName=http protocol=http attributeValue={"string": "www.umusicpub.com"} ${url1} Create Dictionary attributeType=string attributeName=url appId=67 appName=http protocol=http attributeValue={"string": "www.umusicpub.com/au/"} ${req_hdr_ck} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "timezoneoffset","district": "Cookie"} ${res_hdr_sc} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "Domain=.umusicpub.com","district": "Set-Cookie"} ${res_body} Create Dictionary attributeType=string attributeName=res_body appId=67 appName=http protocol=http attributeValue={"string": "NOFOLLOW"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${fqdn} ${url1} ${req_hdr_ck} ${res_hdr_sc} ${res_body} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00017.bat ... ELSE set variable curl -kv --cookie "test%20cookie=null; timezoneoffset=-480; ASP.NET_SessionId=sta2b3gxpxzqei3by1ka3qsa; visid_incap_1010467=Iu/pLzeoTnGn2VDjWdP9GpoBGF8AAAAAQUIPAAAAAADzSLZtZ1tZ/Rbjfct3Nq69" --referer 'https://www.baidu.com/' \ https://www.umusicpub.com/au/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA ... ELSE Create List Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host www.umusicpub.com Should Be Equal As Strings ${returnvalue} true ProxyPolicy-deny-00011 [Tags] Deny IP HTTP 最大组合2 Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建fqdn ${addItemList1} Create Dictionary keywordArray=*open.node.com isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建url ${addItemList1} Create Dictionary keywordArray=open isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId2} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2} Comment User-Agent ${addItemList1} Create Dictionary keywordArray=Mozilla/5.0* isHexbin=${0} district=User-Agent ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId3} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId3} Comment Content-Type ${addItemList1} Create Dictionary keywordArray=charset isHexbin=${0} district=Content-Type ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId4} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId4} Comment Request Content ${addItemList1} Create Dictionary keywordArray=ProxyDenyTest0017 isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId5} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId5} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"block","message":"涨涨涨涨","code":404,"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST,${objectId2}|TSG_FIELD_HTTP_URL,${objectId3}|TSG_FIELD_HTTP_REQ_HDR,${objectId4}|TSG_FIELD_HTTP_RES_HDR,${objectId5}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${fqdn} Create Dictionary attributeType=string attributeName=host appId=67 appName=http protocol=http attributeValue={"string": "open.node.com"} ${url1} Create Dictionary attributeType=string attributeName=url appId=67 appName=http protocol=http attributeValue={"string": "open.node.com"} ${req_hdr_ua} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "Mozilla/5.0","district": "User-Agent"} ${res_hdr_ct} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "charset","district": "Content-Type"} ${req_body} Create Dictionary attributeType=string attributeName=req_body appId=67 appName=http protocol=http attributeValue={"string": "ProxyDenyTest0017"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${fqdn} ${url1} ${req_hdr_ua} ${res_hdr_ct} ${req_body} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00016.bat ... ELSE set variable curl -H "Content-Type:application/json;charset=UTF-8" -X POST -d "{"requestbody":"ProxyDenyTest0017","setcook":"asdf","contenttype": "content-type","responsebody": "adzx"}" -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com:180/go ${stringlist} run keyword if '${systemType}'=='Windows' Create List 涨涨涨涨 ... ELSE Create List 涨涨涨涨 ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host open.node.com Should Be Equal As Strings ${returnvalue} true