*** Settings *** Force Tags tsg_adc_wp adc_api proxy_policy Library OperatingSystem Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../02-Keyword/tsg_adc/FileOperation.robot Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot Resource ../../../03-Variable/ApplicationID.txt *** Variables *** ${url} /v1/policy/profile/hijackfiles *** Test Cases *** Proxy-Policy-hijack-00001 [Tags] fqdn完整匹配 update policy:fqdn,ip geo Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$vator.tv ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=or.tv/news ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test.apk hijack {"isValid":1,"contentType":"application/vnd.android.package-archive","opAction":"add","profileName":"test1","contentName":"Create-Hijack Files-test.apk","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建ip geo ${addItemList1} Create Dictionary keywordArray=XXG地区.* ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=geo_location isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId2} AddObjects ${1} ${objectDict} Comment 创建fqdn2 ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*tor.tv ${rescode} ${objectId3} AddObject2 ${1} ${objectDict} Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00001 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId ${profiledId} insert_policyId_to_file1 hijack_objectId ${objectId} insert_policyId_to_file1 hijack_objectId39 ${objectId1} insert_policyId_to_file1 hijack_objectId42 ${objectId2} insert_policyId_to_file1 hijack_objectId43 ${objectId3} insert_policyId_to_file1 intercept_hijack_policyId ${policyId1} insert_policyId_to_file1 hijack_policyId ${policyId2} Proxy-Policy-hijack-00002 [Tags] cat右匹配 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.uqur.cn ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=uqur.cn ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack ${profiledId} Get From Dictionary ${response} profileId Comment Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=163|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00002 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=163|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId1 ${profiledId} insert_policyId_to_file1 hijack_objectId1 ${objectId} insert_policyId_to_file1 hijack_objectId40 ${objectId1} insert_policyId_to_file1 intercept_hijack_policyId1 ${policyId1} insert_policyId_to_file1 hijack_policyId1 ${policyId2} Proxy-Policy-hijack-00003 [Tags] url4种匹配 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*lexus.ru,*oktrucking.org,*federalsignal.com,*peasedev.org ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=www.lex*,$oktrucking.org/,*signal.com/,peasedev ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=160|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00003 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId2 ${profiledId} insert_policyId_to_file1 hijack_objectId2 ${objectId} insert_policyId_to_file1 hijack_objectId3 ${objectId1} insert_policyId_to_file1 intercept_hijack_policyId2 ${policyId1} insert_policyId_to_file1 hijack_policyId2 ${policyId2} Proxy-Policy-hijack-00004 [Tags] 请求头左匹配 update policy:url,请求头 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*huoshan.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=greenlive ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack ${profiledId} Get From Dictionary ${response} profileId Comment 创建url2 ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=huoshan ${rescode} ${objectId3} AddObject2 ${1} ${objectDict} Comment 创建请求头2 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0|User-Agent ${rescode} ${objectId4} AddObject2 ${1} ${objectDict} Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00004 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId3 ${profiledId} insert_policyId_to_file1 hijack_objectId4 ${objectId} insert_policyId_to_file1 hijack_objectId5 ${objectId1} insert_policyId_to_file1 hijack_objectId6 ${objectId2} insert_policyId_to_file1 hijack_objectId44 ${objectId3} insert_policyId_to_file1 hijack_objectId45 ${objectId4} insert_policyId_to_file1 intercept_hijack_policyId3 ${policyId1} insert_policyId_to_file1 hijack_policyId3 ${policyId2} Proxy-Policy-hijack-00005 [Tags] 请求头完整匹配 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.ixigua.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=channel/dianying/ ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00005 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId4 ${profiledId} insert_policyId_to_file1 hijack_objectId7 ${objectId} insert_policyId_to_file1 hijack_objectId8 ${objectId1} insert_policyId_to_file1 hijack_objectId9 ${objectId2} insert_policyId_to_file1 intercept_hijack_policyId4 ${policyId1} insert_policyId_to_file1 hijack_policyId4 ${policyId2} Proxy-Policy-hijack-00006 [Tags] 请求头字串匹配 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.dcdapp.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=dongchediapp ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=AppleWebKit|User-Agent ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00006 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId5 ${profiledId} insert_policyId_to_file1 hijack_objectId10 ${objectId} insert_policyId_to_file1 hijack_objectId11 ${objectId1} insert_policyId_to_file1 hijack_objectId12 ${objectId2} insert_policyId_to_file1 intercept_hijack_policyId5 ${policyId1} insert_policyId_to_file1 hijack_policyId5 ${policyId2} Proxy-Policy-hijack-00007 [Tags] 请求头右匹配 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.gogokid.com.cn ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=cn/teacher ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00007 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId6 ${profiledId} insert_policyId_to_file1 hijack_objectId13 ${objectId} insert_policyId_to_file1 hijack_objectId14 ${objectId1} insert_policyId_to_file1 hijack_objectId15 ${objectId2} insert_policyId_to_file1 intercept_hijack_policyId6 ${policyId1} insert_policyId_to_file1 hijack_policyId6 ${policyId2} Proxy-Policy-hijack-00008 [Tags] 应答头右匹配 update policy:应答头 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*mafengwo.cn ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=wo.cn/mdd/ ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment 创建请求头2 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=utf-8|Content-Type ${rescode} ${objectId3} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack ${profiledId} Get From Dictionary ${response} profileId Comment Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00008 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId7 ${profiledId} insert_policyId_to_file1 hijack_objectId16 ${objectId} insert_policyId_to_file1 hijack_objectId17 ${objectId1} insert_policyId_to_file1 hijack_objectId18 ${objectId2} insert_policyId_to_file1 hijack_objectId46 ${objectId3} insert_policyId_to_file1 intercept_hijack_policyId7 ${policyId1} insert_policyId_to_file1 hijack_policyId7 ${policyId2} Proxy-Policy-hijack-00009 [Tags] 应答头完整匹配 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*hexun.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=default.htm ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack ${profiledId} Get From Dictionary ${response} profileId Comment Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00009 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId8 ${profiledId} insert_policyId_to_file1 hijack_objectId19 ${objectId} insert_policyId_to_file1 hijack_objectId20 ${objectId1} insert_policyId_to_file1 hijack_objectId21 ${objectId2} insert_policyId_to_file1 intercept_hijack_policyId8 ${policyId1} insert_policyId_to_file1 hijack_policyId8 ${policyId2} Proxy-Policy-hijack-00010 [Tags] 应答头字串匹配 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*axun.1616.net ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=/jiemeng.htm ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html|Content-Type ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack ${profiledId} Get From Dictionary ${response} profileId Comment Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00010 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId9 ${profiledId} insert_policyId_to_file1 hijack_objectId22 ${objectId} insert_policyId_to_file1 hijack_objectId23 ${objectId1} insert_policyId_to_file1 hijack_objectId24 ${objectId2} insert_policyId_to_file1 intercept_hijack_policyId9 ${policyId1} insert_policyId_to_file1 hijack_policyId9 ${policyId2} Proxy-Policy-hijack-00011 [Tags] 应答头左匹配 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*airwargame.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=/eng/start/ ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00011 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId10 ${profiledId} insert_policyId_to_file1 hijack_objectId25 ${objectId} insert_policyId_to_file1 hijack_objectId26 ${objectId1} insert_policyId_to_file1 hijack_objectId27 ${objectId2} insert_policyId_to_file1 intercept_hijack_policyId10 ${policyId1} insert_policyId_to_file1 hijack_policyId10 ${policyId2} Proxy-Policy-hijack-00012 [Tags] cookie字串匹配 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.reval.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=corporates/ ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=saltkey|Cookie ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00012 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId11 ${profiledId} insert_policyId_to_file1 hijack_objectId28 ${objectId} insert_policyId_to_file1 hijack_objectId29 ${objectId1} insert_policyId_to_file1 hijack_objectId30 ${objectId2} insert_policyId_to_file1 intercept_hijack_policyId11 ${policyId1} insert_policyId_to_file1 hijack_policyId11 ${policyId2} Proxy-Policy-hijack-00013 [Tags] set-cookie4种匹配 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$nsscreencast.com,*edreams.net,*boutiquehotel.me,$www.united.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_nsscreencast_session_*|Set-Cookie,*Secure; SameSite=None|Set-Cookie,Domain=.boutiquehotel.me|Set-Cookie,HOME1JSESSIONID*|Set-Cookie ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=nsscreencast,edreams,boutiquehotel,www.united.com ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00013 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_HDR,${objectId2}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId12 ${profiledId} insert_policyId_to_file1 hijack_objectId31 ${objectId} insert_policyId_to_file1 hijack_objectId32 ${objectId1} insert_policyId_to_file1 hijack_objectId41 ${objectId2} insert_policyId_to_file1 intercept_hijack_policyId12 ${policyId1} insert_policyId_to_file1 hijack_policyId12 ${policyId2} Proxy-Policy-hijack-00014 [Tags] 最大组合 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.travelzoo.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*collections/hotels/ihg-group-meta/ ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent ${rescode} ${object_qq_Id} AddObject2 ${1} ${objectDict} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type ${rescode} ${object_yd_Id} AddObject2 ${1} ${objectDict} Comment 创建cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=__stripe_sid|Cookie ${rescode} ${object_ck_Id} AddObject2 ${1} ${objectDict} Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=domain=travelzoo.com|Set-Cookie ${rescode} ${object_sk_Id} AddObject2 ${1} ${objectDict} Comment 创建hijack文件 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建hijack策略 ${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00014 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_qq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_yd_Id}|TSG_FIELD_HTTP_RES_HDR,${object_sk_Id}|TSG_FIELD_HTTP_RES_HDR,${object_ck_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} ${policyId2} Set Variable ${policyId2}[0] insert_policyId_to_file1 hijack_profileId13 ${profiledId} insert_policyId_to_file1 hijack_objectId33 ${object_fqdn_Id} insert_policyId_to_file1 hijack_objectId34 ${object_url_Id} insert_policyId_to_file1 hijack_objectId35 ${object_qq_Id} insert_policyId_to_file1 hijack_objectId36 ${object_yd_Id} insert_policyId_to_file1 hijack_objectId37 ${object_ck_Id} insert_policyId_to_file1 hijack_objectId38 ${object_sk_Id} insert_policyId_to_file1 intercept_hijack_policyId13 ${policyId1} insert_policyId_to_file1 hijack_policyId13 ${policyId2}