gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
009cee44c2724fd30e4a966f42156a2c03fec95b
dongxiaoyan-tsg-autotest/01-TestCase/zjj/ZJJ_ProxyPolciy-Hijack-SSL.robot
dongxiaoyan b36f413d16 cli相关文件更改大小写适应linux; 
添加oam接口
中间件接口更新,添加限流测试
2020-06-11 09:26:43 +08:00

1216 lines
92 KiB
Plaintext
Raw Blame History

*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags zjj tsg_adc proxy_policy
Library OperatingSystem
Resource ../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/hijackfiles
${profiledId} ${EMPTY}
*** Test Cases ***
ZJJ_ProxyPolicy-Hijack-Ssl-00001
[Tags] selfserver ssl hijack ip+url
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
${objectDict} Create Dictionary objectId=${objectId} objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} EditObject ${objectDict} update
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test.apk hijack {"isValid":1,"contentType":"application/vnd.android.package-archive","opAction":"add","profileName":"test1","contentName":"Create-Hijack Files-test.apk","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=ZJJ_SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.1} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.1访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00002
[Tags] selfserver ssl hijack ip+fqdn完整匹配+url
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.2} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.2访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00003
[Tags] selfserver ssl hijack ip+cat右匹配+url
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*action
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.3} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.3访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00004
[Tags] selfserver ssl hijack ip+url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.4} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.4访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00005
[Tags] selfserver ssl hijack ip+url字串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.5} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.5访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00006
[Tags] selfserver ssl hijack ip+url完整匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.6} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.6访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00007
[Tags] selfserver ssl hijack ip+url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00007 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.7} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.7访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00008
[Tags] selfserver ssl hijack ip+请求头右匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00008 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.8} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.8访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00009
[Tags] selfserver ssl hijack ip+请求头字串匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00009 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.9} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.9访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00010
[Tags] selfserver ssl hijack ip+请求头完整匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00010 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":1} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 1访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00011
[Tags] selfserver ssl hijack ip+请求头左匹配+url
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00011 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.1111} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.1111访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00012
[Tags] selfserver ssl hijack ip+cookie字串匹配+url
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00012 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.2222} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.2222访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00013
[Tags] selfserver ssl hijack ip+应答头右匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00013 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.3333} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.3333访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00014
[Tags] selfserver ssl hijack ip+应答头字串匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.4444} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.4444访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00015
[Tags] selfserver ssl hijack ip+应答头完整匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.5555} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.5555访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00016
[Tags] selfserver ssl hijack ip+应答头左匹配+url
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.6666} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.6666访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00017
[Tags] selfserver ssl hijack ip+set-cookie右匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.7777} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.7777访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00018
[Tags] selfserver ssl hijack ip+set-cookie字串匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.8888} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.8888访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00019
[Tags] selfserver ssl hijack ip+set-cookie完整匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.9999} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.9999访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00020
[Tags] selfserver ssl hijack ip+set-cookie左匹配+url
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1}
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":1.0} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-00017.bat
... ELSE set variable curl -kv https://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00021
[Tags] selfserver 最大组合 ssl hijack
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":1} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-SSL-00023.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 1访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00022
[Tags] selfserver 最大组合 ssl hijack update
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00022 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.5} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-SSL-00023.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.5访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
#修改
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=MASK|192.168.100.5|255.255.255.255|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0 (Windows*|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
#创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00022 policyId=${policyId} policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00022 policyId=${policyId3} policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.5} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} EditPolicy ${policyDict} update
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt update0.5->0.1访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-00023
[Tags] selfserver 最大组合 ssl hijack update
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00022 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":1} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-SSL-00023.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 1访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
#修改
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=MASK|192.168.100.5|255.255.255.255|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0 (Windows NT*|User-Agent
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id}
Comment 创建hijack文件
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
${profiledId} Get From Dictionary ${response} profileId
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00022update policyId=${policyId} policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-SSL-00022update policyId=${policyId3} policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP","enforcement_ratio":0.5} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId3} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 1000
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Hijack-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt update1->0.5访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
Reference in New Issue View Git Blame Copy Permalink