*** Settings *** Test Teardown DeletePolicyAndObject ${policyIds} ${objectIds} ${group} Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot Resource ../../../02-Keyword/tsg_bfapi/policy_object/Object.robot Resource ../../../02-Keyword/tsg_bfapi/policy_object/Log.robot Resource ../../../02-Keyword/tsg_bfapi/Common.robot Library json Library DateTime *** Variables *** @{policyIds} @{profiles} ${objectIds} ${EMPTY} ${group} ${EMPTY} *** Test Cases *** Allow-test-001 #新建allow,协议单选http Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建策略 ${policyDict} Create Dictionary policyName=新建allow单选协 action=allow source=${objectId1}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} isValid=${1} appIdObjects=2 ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-002 #新建allow,协议单选ssl Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=新建allow单选协议 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"SSL"} ... isValid=${1} ... appIdObjects=3 ... policyDesc=autotest ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-003 #新建allow,协议单选dns Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=新建allow单选协议 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"DNS"} ... isValid=${1} ... appIdObjects=4 ... policyDesc=autotest ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-004 #新建allow,协议单选mail Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=新建allow单选协议 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"MAIL"} ... isValid=${1} ... appIdObjects=5 ... policyDesc=autotest ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-005 #新建allow,协议单选ftp Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=新建allow单选协议 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"FTP"} ... isValid=${1} ... appIdObjects=6 ... policyDesc=autotest ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-006 #新建allow,协议单选quic Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=新建allow单选协议 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"QUIC"} ... isValid=${1} ... appIdObjects=7 ... policyDesc=autotest ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-007 #新建allow,协议单选quic Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=新建allow多选协议 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... isValid=${1} ... userRegion={} ... appIdObjects=2,3,4,5,6,7 ... policyDesc=autotest ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-008 #新建allow,Application选择HTTP,filter选择host中的fqdn,右匹配 Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId},${objectIds} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择HTTP,filter选择host中的fqdn,右匹配 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"HTTP"} ... isValid=${1} ... appIdObjects=2 ... policyDesc=autotest ... filterList=${objectId}|TSG_FIELD_HTTP_HOST ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-009 #新建allow,Application选择HTTP,filter选择host中的fqdn,完全匹配 Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId},${objectIds} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择HTTP,filter选择host中的fqdn,完全匹配 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"HTTP"} ... isValid=${1} ... appIdObjects=2 ... policyDesc=autotest ... filterList=${objectId}|TSG_FIELD_HTTP_HOST ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-010 #新建allow,Application选择HTTP,filter选择host中的fqdn-group Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建fqdn1 ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com ${rescode} ${objectId0} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId0},${objectId},${objectId1} Comment 创建fqdn-group ${subObjectIds} Create list ${objectId} ${objectId0} ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} ${rescode} ${objectId2} AddObject ${objectDict} ${group} Set Variable ${objectId2} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择HTTP,filter选择host中的fqdn-group ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"HTTP"} ... isValid=${1} ... appIdObjects=2 ... policyDesc=autotest ... filterList=${objectId2}|TSG_FIELD_HTTP_HOST ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-011 #新建allow,Application选择HTTP,filter选择host中的category,右匹配 Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId},${objectIds} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择HTTP,filter选择host中的category,右匹配 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"HTTP"} ... isValid=${1} ... appIdObjects=2 ... policyDesc=autotest ... filterList=${objectId}|TSG_FIELD_HTTP_HOST ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-012 #新建allow,Application选择HTTP,filter选择host中的category,完全匹配 Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId},${objectIds} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择HTTP,filter选择host中的category,完全匹配 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"HTTP"} ... isValid=${1} ... appIdObjects=2 ... policyDesc=autotest ... filterList=${objectId}|TSG_FIELD_HTTP_HOST ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-013 #新建allow,Application选择HTTP,filter选择host中的fqdn_category-group Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建fqdn1 ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com ${rescode} ${objectId0} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId0},${objectId},${objectId1} Comment 创建fqdn-group ${subObjectIds} Create list ${objectId} ${objectId0} ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} ${rescode} ${objectId2} AddObject ${objectDict} ${group} Set Variable ${objectId2} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择HTTP,filter选择host中的category-group ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... ... userRegion={"protocol":"HTTP"} ... isValid=${1} ... appIdObjects=2 ... policyDesc=autotest ... filterList=${objectId2}|TSG_FIELD_HTTP_HOST ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-014 #新建allow,Application选择SSL,filter选择SNI中的fqdn,右匹配 Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId},${objectIds} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择SSL,filter选择SNI中的fqdn,右匹配 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"SSL"} ... isValid=${1} ... appIdObjects=3 ... policyDesc=autotest ... filterList=${objectId}|TSG_FIELD_SSL_SNI ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-015 #新建allow,Application选择SSL,filter选择SNI中的fqdn,完全匹配 Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId},${objectIds} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择SSL,filter选择SNI中的fqdn,完全匹配 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"SSL"} ... isValid=${1} ... appIdObjects=3 ... policyDesc=autotest ... filterList=${objectId}|TSG_FIELD_SSL_SNI ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-016 #新建allow,Application选择SSL,filter选择SNI中的fqdn-group Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建fqdn1 ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com ${rescode} ${objectId0} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId0},${objectId},${objectId1} Comment 创建fqdn-group ${subObjectIds} Create list ${objectId} ${objectId0} ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} ${rescode} ${objectId2} AddObject ${objectDict} ${group} Set Variable ${objectId2} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择SSL,filter选择SNI中的fqdn-group ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"SSL"} ... isValid=${1} ... appIdObjects=3 ... policyDesc=autotest ... filterList=${objectId2}|TSG_FIELD_SSL_SNI ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-017 #新建allow,Application选择SSL,filter选择SNI中的category,右匹配 Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId},${objectIds} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择SSL,filter选择SNI中的category,右匹配 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"SSL"} ... isValid=${1} ... appIdObjects=3 ... policyDesc=autotest ... filterList=${objectId}|TSG_FIELD_SSL_SNI ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-018 #新建allow,Application选择SSL,filter选择SNI中的category,完全匹配 Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId},${objectIds} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择HTTP,filter选择SNI中的category,完全匹配 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"SSL"} ... isValid=${1} ... appIdObjects=3 ... policyDesc=autotest ... filterList=${objectId}|TSG_FIELD_SSL_SNI ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-019 #新建allow,Application选择SSL,filter选择SNI中的fqdn_category-group Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建fqdn1 ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com ${rescode} ${objectId0} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId0},${objectId},${objectId1} Comment 创建fqdn-group ${subObjectIds} Create list ${objectId} ${objectId0} ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} ${rescode} ${objectId2} AddObject ${objectDict} ${group} Set Variable ${objectId2} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择SSL,filter选择SNI中的category-group ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... ... userRegion={"protocol":"SSL"} ... isValid=${1} ... appIdObjects=3 ... policyDesc=autotest ... filterList=${objectId2}|TSG_FIELD_SSL_SNI ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-020 #新建allow,Application选择QUIC,filter选择SNI中的fqdn,右匹配 Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId},${objectIds} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择HTTP,filter选择host中的fqdn,右匹配 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"QUIC"} ... isValid=${1} ... appIdObjects=7 ... policyDesc=autotest ... filterList=${objectId}|TSG_FIELD_QUIC_SNI ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-021 #新建allow,Application选择QUIC,filter选择SNI中的fqdn,完全匹配 Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId},${objectIds} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择QUIC,filter选择SNI中的fqdn,完全匹配 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"QUIC"} ... isValid=${1} ... appIdObjects=7 ... policyDesc=autotest ... filterList=${objectId}|TSG_FIELD_QUIC_SNI ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-022 #新建allow,Application选择QUIC,filter选择SNI中的fqdn-group Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建fqdn1 ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com ${rescode} ${objectId0} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId0},${objectId},${objectId1} Comment 创建fqdn-group ${subObjectIds} Create list ${objectId} ${objectId0} ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} ${rescode} ${objectId2} AddObject ${objectDict} ${group} Set Variable ${objectId2} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择QUIC,filter选择SNI中的fqdn-group ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"QUIC"} ... isValid=${1} ... appIdObjects=7 ... policyDesc=autotest ... filterList=${objectId2}|TSG_FIELD_QUIC_SNI ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-023 #新建allow,Application选择QUIC,filter选择SNI中的category,右匹配 Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId},${objectIds} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择QUIC,filter选择SNI中的category,右匹配 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"QUIC"} ... isValid=${1} ... appIdObjects=7 ... policyDesc=autotest ... filterList=${objectId}|TSG_FIELD_QUIC_SNI ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-024 #新建allow,Application选择QUIC,filter选择SNI中的category,完全匹配 Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId1} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId},${objectIds} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择QUIC,filter选择SNI中的category,完全匹配 ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"QUIC"} ... isValid=${1} ... appIdObjects=7 ... policyDesc=autotest ... filterList=${objectId}|TSG_FIELD_QUIC_SNI ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} Allow-test-025 #新建allow,Application选择QUIC,filter选择SNI中的fqdn_category-group Comment 创建IP #object为IP→endpoint时的addItemList单个对象 ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建fqdn1 ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com ${rescode} ${objectId0} AddObject2 ${1} ${objectDict} ${objectIds} Set Variable ${objectId0},${objectId},${objectId1} Comment 创建fqdn-group ${subObjectIds} Create list ${objectId} ${objectId0} ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} ${rescode} ${objectId2} AddObject ${objectDict} ${group} Set Variable ${objectId2} Comment 创建策略 ${policyDict} Create Dictionary ... policyName=Application选择QUIC,filter选择SNI中的category-group ... policyType=tsg_security ... action=allow ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR ... userRegion={"protocol":"QUIC"} ... isValid=${1} ... appIdObjects=7 ... policyDesc=autotest ... filterList=${objectId2}|TSG_FIELD_QUIC_SNI ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}