*** Settings *** Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids} Force Tags tsg_adc tsg_security Library OperatingSystem Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../02-Keyword/tsg_adc/FileOperation.robot Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot Resource ../../../03-Variable/ApplicationID.txt Resource ../../../03-Variable/BifangApiVariable.txt Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot Library ../../../04-CustomLibrary/Library/VerifyPolicy.py *** Variables *** ${policyIds} ${EMPTY} ${objectids} ${EMPTY} ${url1} /v1/policy/profile/responsepages *** Test Cases *** SecurityPolicy-Deny-HTTP-00001 [Tags] Deny IP HTTP Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建Deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] ${starttime} Get Time #功能端验证 Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00001.bat ... ELSE set variable curl -m 10 -kv http://www.lkong.net/forum.php ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset ... ELSE Create List timed out ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds} ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host HTTP Should Be Equal As Strings ${returnvalue} true SecurityPolicy-Deny-HTTP-00002 [Tags] Deny IP HTTP FQDN Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建fqdn ${addItemList1} Create Dictionary keywordArray=*bellaircraftmuseum.org isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"rst"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] ${starttime} Get Time #功能端验证 Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${qname_fqdn_id} Create Dictionary attributeType=string attributeName=host appId=67 appName=http protocol=http attributeValue={"string": "bellaircraftmuseum.org"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${qname_fqdn_id} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00002.bat ... ELSE set variable curl http://bellaircraftmuseum.org/ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00002.bat ... ELSE set variable curl http://bellaircraftmuseum.org/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset ... ELSE Create List Connection reset by peer ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds} ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host bellaircraftmuseum.org Should Be Equal As Strings ${returnvalue} true SecurityPolicy-Deny-HTTP-00003 [Tags] Deny IP HTTP URL Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建url ${addItemList1} Create Dictionary keywordArray=news isHexbin=${0} ${addItemList2} Create Dictionary keywordArray=www.icbc.com.cn isHexbin=${0} ${addItemList3} Create Dictionary keywordArray=www.gotohoroscope* isHexbin=${0} ${addItemList4} Create Dictionary keywordArray=indexv isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${addItemList2} ${addItemList3} ${addItemList4} ${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建引用文件 #创建引用文件 ${response} CreatePolicyFile2 ${url1} ${responsePageFiles} 404english.html resPages ${profiledId} Get From Dictionary ${response} profileId Comment 创建Deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"block","code":403,"html_profile":${profiledId}} filterList=${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] ${starttime} Get Time #功能端验证 Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${url} Create Dictionary attributeType=string attributeName=url appId=67 appName=http protocol=http attributeValue={"string": "www.icbc.com.cn/"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${url} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003.bat ... ELSE set variable curl http://www.icbc.com.cn/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003_1.bat ... ELSE set variable curl http://www.ccb.com/cn/home/indexv3.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003_2.bat ... ELSE set variable curl http://www.gotohoroscope.com/daily-horoscope.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003_3.bat ... ELSE set variable curl http://government.ru/news/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds} ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.icbc.com.cn Should Be Equal As Strings ${returnvalue} true ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.ccb.com Should Be Equal As Strings ${returnvalue} true ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.gotohoroscope.com Should Be Equal As Strings ${returnvalue} true ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host government.ru Should Be Equal As Strings ${returnvalue} true SecurityPolicy-Deny-HTTP-00004 [Tags] Deny IP HTTP User-Agent Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment User-Agent ${addItemList1} Create Dictionary keywordArray=Mozilla/5.0* isHexbin=${0} district=User-Agent ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"block","code":404,"message":"block"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] ${starttime} Get Time #功能端验证 Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${req_hdr_ua} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "Mozilla/5.0","district": "User-Agent"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${req_hdr_ua} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00004.bat ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' \http://www.tsutmb.ru/sveden ${stringlist} run keyword if '${systemType}'=='Windows' Create List block ... ELSE Create List block ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds} ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host tsutmb.ru Should Be Equal As Strings ${returnvalue} true SecurityPolicy-Deny-HTTP-00005 [Tags] Deny IP HTTP Content-Type Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment Content-Type ${addItemList1} Create Dictionary keywordArray=*utf-8 isHexbin=${0} district=Content-Type ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"rst"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] ${starttime} Get Time #功能端验证 Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${res_hdr_ct} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "utf-8","district": "Content-Type"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${res_hdr_ct} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00008.bat ... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00008_L.bat ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out ... ELSE Create List timed out ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds} ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host cmbchina.com SecurityPolicy-Deny-HTTP-00006 [Tags] Deny IP HTTP Cookie Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment Cookie ${addItemList1} Create Dictionary keywordArray=ipp_uid2 isHexbin=${0} district=Cookie ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"block","code":404,"message":"马上到周末"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] ${starttime} Get Time #功能端验证 Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${req_hdr_ck} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "ipp_uid2","district": "Cookie"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${req_hdr_ck} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00012.bat ... ELSE set variable curl -kv --cookie "ipp_uid_tst=1614083626134/s-G5u-av-3V6UMopU8qN0w; rerf=AAAAAGA09iqKHHWcAwwEAg==; visid_incap_1850197=73iJXVstR5eD96boaecG5Sr2NGAAAAAAQUIPAAAAAADRrWjXkBE1xHfgl1g2q0+Z; incap_ses_431_1850197=yz/Zbyso2kIQ3JKieDj7BSr2NGAAAAAAxpbwZIp4Ku0GJhK9DvIxUw==; ___utmvmaluytEzB=zJTWRrkycAu; ___utmvbaluytEzB=oZQ XqnOgalR: qtO; ipp_uid2=SLwSBC2htc6RCxdR/gtvNhcOjz2aYXsuOQZ9IMw==; ipp_uid1=1614083626503; ipp_uid=1614083626503/SLwSBC2htc6RCxdR/gtvNhcOjz2aYXsuOQZ9IMw==; tildauid=1614083628065.339214; tildasid=1614083628065.951808; _fbp=fb.1.1614083628650.700159084; previousUrl=universalmusic.ru%2F" --referer 'http://www.baidu.com/' \ http://www.universalmusic.ru/#about ${stringlist} run keyword if '${systemType}'=='Windows' Create List 马上到周末 ... ELSE Create List 马上到周末 ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds} ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.universalmusic.ru SecurityPolicy-Deny-HTTP-00007 [Tags] Deny IP HTTP Set-Cookie Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment Set-Cookie ${addItemList1} Create Dictionary keywordArray=ASP.NET isHexbin=${0} district=Set-Cookie ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] ${starttime} Get Time #功能端验证 Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${res_hdr_sc} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "ASP.NET","district": "Set-Cookie"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${res_hdr_sc} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00013_1.bat ... ELSE set variable curl --connect-timeout 5 -m 10 blog.cnstock.com ${stringlist} run keyword if '${systemType}'=='Windows' Create List 000 ... ELSE Create List timed out ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds} ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host blog.cnstock.com SecurityPolicy-Deny-HTTP-00008 [Tags] Deny IP HTTP Request Content Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment Request Content ${addItemList1} Create Dictionary keywordArray=testDenyHttp0014 isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] ${starttime} Get Time #功能端验证 Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${req_body} Create Dictionary attributeType=string attributeName=req_body appId=67 appName=http protocol=http attributeValue={"string": "testDenyHttp0014"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${req_body} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00014.bat ... ELSE set variable curl -H "Content-Type:application/json;charset=UTF-8" -X POST -d "{"requestbody":"testDenyHttp0014","setcook":"12345678","contenttype": "content-type","responsebody": "testDenyHttp0014"}" http://open.node.com:180/go ${stringlist} run keyword if '${systemType}'=='Windows' Create List after ... ELSE Create List after ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds} ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-HTTP-00009 [Tags] Deny IP HTTP Response Content Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment Response Content ${addItemList1} Create Dictionary keywordArray=华彤公司 isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] ${starttime} Get Time #功能端验证 Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${res_body} Create Dictionary attributeType=string attributeName=res_body appId=67 appName=http protocol=http attributeValue={"string": "华彤公司"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${res_body} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00015.bat ... ELSE set variable curl -m 10 -kv http://www.huatonggs.com/about.html#gsjj ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out ... ELSE Create List timed out ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds} ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host huatonggs.com SecurityPolicy-Deny-HTTP-00010 [Tags] Deny IP HTTP FQDN URL User-Agent Content-Type Request Content Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建fqdn ${addItemList1} Create Dictionary keywordArray=*open.node.com isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建url ${addItemList1} Create Dictionary keywordArray=open.node isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId2} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2} Comment User-Agent ${addItemList1} Create Dictionary keywordArray=Mozilla/5.0* isHexbin=${0} district=User-Agent ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId3} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId3} Comment Content-Type ${addItemList1} Create Dictionary keywordArray=charset isHexbin=${0} district=Content-Type ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId4} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId4} Comment Request Content ${addItemList1} Create Dictionary keywordArray=DenyHttp0016 isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId5} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId5} Comment 创建Deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST,${objectId2}|TSG_FIELD_HTTP_URL,${objectId3}|TSG_FIELD_HTTP_REQ_HDR,${objectId4}|TSG_FIELD_HTTP_RES_HDR,${objectId5}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] ${starttime} Get Time #功能端验证 Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${qname_fqdn_id} Create Dictionary attributeType=string attributeName=host appId=67 appName=http protocol=http attributeValue={"string": "open.node.com"} ${url} Create Dictionary attributeType=string attributeName=url appId=67 appName=http protocol=http attributeValue={"string": "open.node.com/"} ${req_hdr_ua} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "Mozilla/5.0","district": "User-Agent"} ${res_hdr_ct} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "charset","district": "Content-Type"} ${req_body} Create Dictionary attributeType=string attributeName=req_body appId=67 appName=http protocol=http attributeValue={"string": "testDenyHttp0016"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${qname_fqdn_id} ${url} ${req_hdr_ua} ${res_hdr_ct} ${req_body} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00016.bat ... ELSE set variable curl -m 10 -kv -H "Content-Type:application/json;charset=UTF-8" -X POST -d "{"requestbody":"DenyHttp0016","setcook":"asdf","contenttype": "charsetDeny0016","responsebody": "adzx"}" -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com:180/go ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out ... ELSE Create List 000 ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds} ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-HTTP-00011 [Tags] Deny IP HTTP FQDN URL Cookie Set-Cookie Response Content Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建fqdn ${addItemList1} Create Dictionary keywordArray=*smspunch.net isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建url ${addItemList1} Create Dictionary keywordArray=send-free-sms.aspx isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId2} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2} Comment Cookie ${addItemList1} Create Dictionary keywordArray=_ym_isad=2 isHexbin=${0} district=Cookie ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId3} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId3} Comment Set-Cookie ${addItemList1} Create Dictionary keywordArray=NET_SessionId isHexbin=${0} district=Set-Cookie ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId4} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId4} Comment Response Content ${addItemList1} Create Dictionary keywordArray=Cell No isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId5} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId5} Comment 创建Deny策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST,${objectId2}|TSG_FIELD_HTTP_URL,${objectId3}|TSG_FIELD_HTTP_REQ_HDR,${objectId4}|TSG_FIELD_HTTP_RES_HDR,${objectId5}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] ${starttime} Get Time #功能端验证 Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${fqdn} Create Dictionary attributeType=string attributeName=host appId=67 appName=http protocol=http attributeValue={"string": "smspunch.net"} ${url} Create Dictionary attributeType=string attributeName=url appId=67 appName=http protocol=http attributeValue={"string": "smspunch.net/send-free-sms.aspx"} ${req_hdr_ck} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "_ym_isad=2","district": "Cookie"} ${res_hdr_sc} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "NET_SessionId","district": "Set-Cookie"} ${res_body} Create Dictionary attributeType=string attributeName=res_body appId=67 appName=http protocol=http attributeValue={"string": "Cell No"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${fqdn} ${url} ${req_hdr_ck} ${res_hdr_sc} ${res_body} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00017.bat ... ELSE set variable curl -m 10 -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://smspunch.net/send-free-sms.aspx ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out ... ELSE Create List timed out ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds} ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host smspunch.net