gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
009cee44c2724fd30e4a966f42156a2c03fec95b
dongxiaoyan-tsg-autotest/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot
姬巍川 341fef6b25 修改7和8用例策略无法命中问题
2020-05-15 11:30:01 +08:00

346 lines
22 KiB
Plaintext
Raw Blame History

*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Library Custometest
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Deny-Ftp-00001
[Tags] selfserver deny ftp account子串匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
SecurityPolicy-Deny-Ftp-00002
[Tags] selfserver deny ftp account右匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
SecurityPolicy-Deny-Ftp-00003
[Tags] selfserver deny ftp account完整匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$ftp_user
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
SecurityPolicy-Deny-Ftp-00004
[Tags] selfserver deny ftp account左匹配
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_u*
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_Account_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
SecurityPolicy-Deny-Ftp-00005
[Tags] selfserver deny ftp url子串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=168.100
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00006
[Tags] selfserver deny ftp url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*t.txt
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00007
[Tags] selfserver deny ftp url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$ftp://192.168.100.5/test.txt
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00008
[Tags] selfserver deny ftp url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=ftp://192.168.100*
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_url_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00009
[Tags] selfserver deny ftp content子串匹配
Comment 创建content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=中文test
${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00010
[Tags] selfserver deny ftp content右匹配
Comment 创建content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*test.txt
${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00010 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00011
[Tags] selfserver deny ftp content完整匹配
Comment 创建content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=$中文test.txt
${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00012
[Tags] selfserver deny ftp content左匹配
Comment 创建content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=中文te*
${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00012 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
SecurityPolicy-Deny-Ftp-00013
[Tags] selfserver deny ftp 多ip+修改
Comment 创建第二个源IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.10|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建Account
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_Account_Id}
Comment 创建content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=中文te*
${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT,${objectId}|TSG_SECURITY_SOURCE_ADDR isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_SOURCE_ADDR,${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
SecurityPolicy-Deny-Ftp-00014
[Tags] selfserver deny ftp 最大组合
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=168.100
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_url_Id}
Comment 创建content
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=中文test
${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_content_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT,${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test
should contain ${FTP} ftp_fail
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt
Reference in New Issue View Git Blame Copy Permalink