gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
009cee44c2724fd30e4a966f42156a2c03fec95b
dongxiaoyan-tsg-autotest/01-TestCase/tsg_adc/multi_step/MultiStepDenyAllTests.robot
dongxiaoyan d1cea4a619 删除目录
2020-05-29 16:14:49 +08:00

197 lines
11 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

*** Settings ***
Test Teardown DeleteAfterCase ${policyIds} ${objectids}
Force Tags tsg_adc tsg_security selfserver
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/PolicyObjectDefault.txt
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
Resource ../../../03-Variable/AllFlowCaseVariable.txt
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Library Custometest
Library json
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/responsepages
${profiledId} ${EMPTY}
${dict} ${None}
${caseName} SecurityPolicy-Deny-AllProtol-00001
*** Keywords ***
create-object-policy
[Arguments] @{flag}
Comment 创建目标IP
${objectDict} Create Dictionary
... objectType=IP
... isValid=1
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_IPobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc}
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} Run Keyword If '${testPart}'=='all' set Variable ${objectId}
Comment 创建安全策略针对所有协议相当于BlackIP
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=tsg_security
... policyDesc=${Default_PolicyDesc}
... action=deny
... effectiveRange=${Default_EffectiveRange}
... userRegion=${Default_UserRegion}
... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR
... isValid=${Default_IsValid}
... appObjectIdArray=2,3,4,5,6
... userTags=${Default_UserTags}
... doLog=2
... scheduleId=${Default_ScheduleId}
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${policyIds} Run Keyword If '${testPart}'=='all' Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
# 区分执行方式
${value} Run Keyword If ${flag}==[] insert_policyId_to_file ${caseName} ${policyId} ${objectids}
... ELSE Create Dictionary policyId=${policyId} objectId=${objectids}
Set Test Variable ${dict} ${value}
function-test
Run Keyword If '${testPart}'=='all' Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/${caseName}_HTTP.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime_http} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Run Keyword If '${testPart}'=='all' Sleep ${policyLogVerificationSleepSeconds}s
${endtime_http} Get Time
#日志验证
#GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 功能端验证SSL验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/${caseName}_SSL.bat
... ELSE set variable curl -kv https://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
#OpenSSL SSL_connect: Connection was reset in connection to
#Send failure: Connection was reset
... ELSE Create List OpenSSL SSL_connect: Connection reset by peer in connection to
${starttime_ssl} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Run Keyword If '${testPart}'=='all' Sleep ${policyLogVerificationSleepSeconds}s
${endtime_ssl} Get Time
#日志验证
#GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com
Comment 功能端验证DNS验证
Comment 功能端验证MAIL验证
#${mail} EmailLogin mail.tsgmail.com 25 dongxiaoyan@mail.tsgmail.com dxy123
${starttime_mail} Get Time
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable dongxiaoyan@mail.tsgmail.com
${邮箱密码} Set Variable dxy123
${邮件主题} Set Variable что- иностранныеsuject
${发送者} Set Variable dongxiaoyan@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["jwctest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["lyftest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明contentчто-иностранныеsuject
${mail} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
should contain ${mail} mail_fail
Run Keyword If '${testPart}'=='all' Sleep ${policyLogVerificationSleepSeconds}s
${endtime_mail} Get Time
#日志验证
#GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_protocol_type SMTP
Comment 功能端验证FTP验证
${starttime_ftp} Get Time
${ftpLogin} FTP_login ftp://192.168.100.5:21 -u"ftp_user:qazXSW@edc" test.txt
should contain ${ftpLogin} ftp_fail
#日志验证
#GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ''
Run Keyword If '${testPart}'=='all' Sleep ${policyLogVerificationSleepSeconds}s
${endtime_ftp} Get Time
${endtime} Get Time
# 区分执行方式
Run Keyword If ${dict}==${None} insert_time_to_file ${caseName} ${starttime} ${endtime}
... ELSE Run Keyword Set To Dictionary ${dict} ${starttime} ${endtime}
log-test
# 日志验证
${obj} Run Keyword If ${dict}==${None} json.Loads ${caseName}
... ELSE Set Variable ${dict}
${policyId} Set Variable ${obj}[policyId]
${s} Convert to String ${policyId}
${objectids} Run Keyword If '${testPart}'!='all' set Variable ${obj}[objectids]
${policyIds} Run Keyword If '${testPart}'!='all' Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
#日志验证
GetLogList security_event_log ${starttime_http} ${endtime_http} ${testClentIP} ${s} http_host open.node.com
${obj}[starttime] ${obj}[endtime]
Comment 功能端验证SSL验证
#日志验证
GetLogList security_event_log ${starttime_ssl} ${endtime_ssl} ${testClentIP} ${s} ssl_sni open.node.com
Comment 功能端验证DNS验证
Comment 功能端验证MAIL验证
#日志验证
GetLogList security_event_log ${starttime_mail} ${endtime_mail} ${testClentIP} ${s} mail_protocol_type SMTP
Comment 功能端验证FTP验证
#日志验证
GetLogList security_event_log ${starttime_ftp} ${endtime_ftp} ${testClentIP} ${s} ftp_account ''
log-test_bak
# 日志验证
${obj} Run Keyword If ${dict}==${None} json.Loads ${caseName}
... ELSE Set Variable ${dict}
${policyId} Set Variable ${obj}[policyId]
${s} Convert to String ${policyId}
${objectids} Run Keyword If '${testPart}'!='all' set Variable ${obj}[objectids]
${policyIds} Run Keyword If '${testPart}'!='all' Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
#日志验证
#GetLogList security_event_log ${starttime_http} ${endtime_http} ${testClentIP} ${s} http_host open.node.com
GetLogList security_event_log ${obj}[starttime_http] ${obj}[endtime_http] ${testClentIP} ${s} http_host open.node.com
${obj}[starttime] ${obj}[endtime]
Comment 功能端验证SSL验证
#日志验证
#GetLogList security_event_log ${starttime_ssl} ${endtime_ssl} ${testClentIP} ${s} ssl_sni open.node.com
GetLogList security_event_log ${obj}[starttime_ssl} ${obj}[endtime_ssl} ${testClentIP} ${s} ssl_sni open.node.com
Comment 功能端验证DNS验证
Comment 功能端验证MAIL验证
#日志验证
#GetLogList security_event_log ${starttime_mail} ${endtime_mail} ${testClentIP} ${s} mail_protocol_type SMTP
GetLogList security_event_log ${obj}[starttime_mail} ${obj}[endtime_mail} ${testClentIP} ${s} mail_protocol_type SMTP
Comment 功能端验证FTP验证
#日志验证
#GetLogList security_event_log ${starttime_ftp} ${endtime_ftp} ${testClentIP} ${s} ftp_account ''
GetLogList security_event_log ${obj}[starttime_ftp} ${obj}[endtime_ftp} ${testClentIP} ${s} ftp_account ''
*** Test Cases ***
MultiSecurityPolicy-Deny-AllProtol-00001
[Tags] securitypolciy deny allprotol multistep
#${caseName} set variable SecurityPolicy-Deny-AllProtol-00001
Run Keyword If '${testPart}'=='all' Run Keywords create-object-policy True
... AND function-test
... AND log-test
... ELSE IF ${testPart}==1 Run Keyword create-object-policy
... ELSE IF ${testPart}==2 Run Keyword function-test
... ELSE IF ${testPart}==3 Run Keyword log-test
#{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"rst"},"referenceObject":[{"objectId":6926,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":6943,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]}],"isValid":0,"scheduleId":[],"appObjectIdArray":[2,3,4,5,6]}}
Reference in New Issue View Git Blame Copy Permalink