575 lines
30 KiB
Plaintext
575 lines
30 KiB
Plaintext
*** Settings ***
|
||
Test Teardown run keywords Delete-Security-estimate ${PolicyName}
|
||
... AND Delete-object-estimate ${ObjName}
|
||
Force Tags tsg-ui objects security
|
||
Resource ../../../02-Keyword/tsg_ui/securityPolicy/SecurityPolicy.robot
|
||
Resource ../../../02-Keyword/tsg_ui/SecurityPolicy/SourceAndDestination.robot
|
||
Library OperatingSystem
|
||
Resource ../../../02-Keyword/tsg_ui/Menu.robot
|
||
Resource ../../../02-Keyword/tsg_ui/objects/NewObjectPages.robot
|
||
Resource ../../../02-Keyword/tsg_ui/objects/NewObject.robot
|
||
Resource ../../../03-Variable/bifangapivariable.txt
|
||
|
||
*** Test Cases ***
|
||
SecurityPolicy-Deny-HTTP-MaxCombination-Drop
|
||
#新建对象fqdn
|
||
Comment 新建对象fqdn
|
||
CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
#新建对象url
|
||
Comment 新建对象url
|
||
CreatePage URL single zdhurl keywordtext=*.com
|
||
#新建Request Header
|
||
Comment Request Header
|
||
#新建cookie
|
||
CreatePage HTTPSignature single zdhreqck reqrestype=req reqresheader=ck keywordtext=1234@#%
|
||
#新建ua
|
||
CreatePage HTTPSignature single zdhrequa reqrestype=req reqresheader=ua keywordtext=*скрипцияк
|
||
#新建Response Header
|
||
Comment Response Header
|
||
#新建set cookie
|
||
CreatePage HTTPSignature single zdhressck reqrestype=res reqresheader=sck keywordtext=1234@#%
|
||
#新建ct
|
||
CreatePage HTTPSignature single zdhresct reqrestype=res reqresheader=ct keywordtext=text*
|
||
#新建Request Content
|
||
Comment Request Content
|
||
#新建Request Content
|
||
CreatePage Key single zdhreqcontent keywordtext=*pppp
|
||
#新建策略
|
||
Comment 新建策略
|
||
Menu policys Security Policy
|
||
SecurityPolicy.CreateButton
|
||
SecurityPolicy.Create-name SecurityPolicy-Deny-HTTP-MaxCombination
|
||
SecurityPolicy.Create-action deny
|
||
SecurityPolicy.Create-Source-Button
|
||
SourceAndDestination.Create-Source policytype=/html/body/div[1]/div/div[3]/div[2]/div/div[1]/form/div/div[4] type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
SecurityPolicy.Create-Destination-Button
|
||
SourceAndDestination.Create-Destination policytype=/html/body/div[1]/div/div[3]/div[2]/div/div[1]/form/div/div[5] type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
${ipname} create list zdhip001 zdhip001
|
||
${hostname} create list zdhfqdn
|
||
${urlname} create list zdhurl
|
||
${RequestHeadername} create list zdhreqck zdhrequa
|
||
${ResponseHeadername} create list zdhressck zdhresct
|
||
${RequestContentname} create list zdhreqcontent
|
||
${ObjName} create dictionary FQDN=${hostname} URL=${urlname} HTTPSignature=${RequestHeadername} HTTPSignature=${ResponseHeadername} Key=${RequestContentname} IP=${ipname}
|
||
${filter} create list Host URL Request Header Response Header Request Content
|
||
Create-Application-Button
|
||
ApplicationSearch HTTP
|
||
Create-Filter-judge Application=HTTP Filter=${filter} Hostname=${hostname} URLname=${urlname} Request Headername=${RequestHeadername} Response Headername=${ResponseHeadername}
|
||
... Request Contentname=${RequestContentname}
|
||
Deny-subaction action=deny subaction=Drop
|
||
LogSession 1
|
||
Enabled open
|
||
Security-Policies-OK
|
||
sleep ${sleep}
|
||
#修改策略,修改策略相当于再进行一遍新增
|
||
Comment 修改策略
|
||
Menu policys Security Policy
|
||
Security-Source Name SecurityPolicy-Deny-HTTP-MaxCombination
|
||
EditButton
|
||
Initialize-Policie Deny
|
||
#新建策略
|
||
SecurityPolicy.Create-name SecurityPolicy-Deny-SSL-MaxCombination-Drop
|
||
SecurityPolicy.Create-action deny
|
||
SecurityPolicy.Create-Source-Button
|
||
${Country} create list China
|
||
SourceAndDestination.Create-Source policytype=/html/body/div[1]/div/div[3]/div[2]/div/div[1]/form/div/div[4] type1=Geography CreateOrSearch=Create Add=Address name=zdhip001 Country=${Country}
|
||
# SecurityPolicy.Create-Destination-Button
|
||
# SourceAndDestination.Create-Destination policytype=/html/body/div[1]/div/div[3]/div[2]/div/div[1]/form/div/div[5] type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.3 post=1
|
||
${fqdnname} create list zdhfqdn
|
||
${filter} create list SNI CN SAN
|
||
Create-Application-Button
|
||
ApplicationSearch SSL
|
||
Create-Filter-judge Application=SSL Filter=${filter} SSLSNIname=${fqdnname} CNname=${fqdnname} SANname=${fqdnname}
|
||
Deny-subaction action=deny subaction=RST
|
||
LogSession 1
|
||
Enabled open
|
||
Security-Policies-OK
|
||
Security-Source Name SecurityPolicy-Deny-SSL-MaxCombination-Drop
|
||
${text} get text xpath=//*[@id="ly-table1-listcontent"]/div/div[3]/table/tbody/tr/td[2]/div/div/p
|
||
Should Be Equal As Strings ${text} SecurityPolicy-Deny-SSL-MaxCombination-Drop
|
||
${PolicyName} set variable SecurityPolicy-Deny-SSL-MaxCombination-Drop
|
||
#一下用例没有进行Teardown清理,可以根据上面用例完善一下
|
||
# SecurityPolicy-Deny-HTTP-MaxCombination-RST
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建对象url
|
||
# Comment 新建对象url
|
||
# CreatePage URL single zdhurl keywordtext=*.com
|
||
# #新建Request Header
|
||
# Comment Request Header
|
||
# #新建cookie
|
||
# CreatePage HTTPSignature single zdhreqck reqrestype=req reqresheader=ck keywordtext=1234@#%
|
||
# #新建ua
|
||
# CreatePage HTTPSignature single zdhrequa reqrestype=req reqresheader=ua keywordtext=*скрипцияк
|
||
# #新建Response Header
|
||
# Comment Response Header
|
||
# #新建set cookie
|
||
# CreatePage HTTPSignature single zdhressck reqrestype=res reqresheader=sck keywordtext=1234@#%
|
||
# #新建ct
|
||
# CreatePage HTTPSignature single zdhresct reqrestype=res reqresheader=ct keywordtext=text*
|
||
# #新建Request Content
|
||
# Comment Request Content
|
||
# #新建Request Content
|
||
# CreatePage Key single zdhreqcontent keywordtext=*pppp
|
||
# #Response Content
|
||
# Comment Response Content
|
||
# #新建Response Content
|
||
# CreatePage Key single zdhrescontent keywordtext=*pppp
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-HTTP-MaxCombination
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${hostname} create list zdhfqdn
|
||
# ${urlname} create list zdhurl
|
||
# ${RequestHeadername} create list zdhreqck zdhrequa
|
||
# ${ResponseHeadername} create list zdhressck zdhresct
|
||
# ${RequestContentname} create list zdhreqcontent
|
||
# ${ResponseContentname} create list zdhrescontent
|
||
# ${filter} create list Host URL Request Header Response Header Request Content
|
||
# Create-Application-Button
|
||
# ApplicationSearch HTTP
|
||
# Create-Filter-judge Application=HTTP Filter=${filter} Hostname=${hostname} URLname=${urlname} Request Headername=${RequestHeadername} Response Headername=${ResponseHeadername}
|
||
# ... Request Contentname=${RequestContentname} Response Contentname=${ResponseContentname}
|
||
# Deny-subaction action=deny subaction=RST
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-HTTP-Host-Block403TEXT
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-HTTP-MaxCombination
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${hostname} create list zdhfqdn
|
||
# ${filter} create list Host
|
||
# Create-Application-Button
|
||
# ApplicationSearch HTTP
|
||
# Create-Filter-judge Application=HTTP Filter=${filter} Hostname=${hostname}
|
||
# Deny-subaction action=deny subaction=Block code=403 Content=TEXT block-text=123456
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-HTTP-Host-Block403ProfileCreate
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-HTTP-MaxCombination
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${hostname} create list zdhfqdn
|
||
# ${filter} create list Host
|
||
# Create-Application-Button
|
||
# ApplicationSearch HTTP
|
||
# Create-Filter-judge Application=HTTP Filter=${filter} Hostname=${hostname}
|
||
# Deny-subaction action=deny subaction=Block code=403 Content=Profile SearchorCreate=Create ProfileName=zdhprofilehtml
|
||
# ... file=${path}response_pages_files\\Create-ResponsePages-test.html
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-HTTP-Host-Block403ProfileSearch
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-HTTP-MaxCombination
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${hostname} create list zdhfqdn
|
||
# ${filter} create list Host
|
||
# Create-Application-Button
|
||
# ApplicationSearch HTTP
|
||
# Create-Filter-judge Application=HTTP Filter=${filter} Hostname=${hostname}
|
||
# Deny-subaction action=deny subaction=Block code=403 Content=Profile SearchorCreate=Search ProfileName=zdhprofilehtml
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-HTTP-Host-Block404TEXT
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-HTTP-MaxCombination
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${hostname} create list zdhfqdn
|
||
# ${filter} create list Host
|
||
# Create-Application-Button
|
||
# ApplicationSearch HTTP
|
||
# Create-Filter-judge Application=HTTP Filter=${filter} Hostname=${hostname}
|
||
# Deny-subaction action=deny subaction=Block code=404 Content=TEXT block-text=123456
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
# [Teardown] run keyword if test passed
|
||
|
||
# SecurityPolicy-Deny-HTTP-Host-Block404ProfileCreate
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-HTTP-MaxCombination
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${hostname} create list zdhfqdn
|
||
# ${filter} create list Host
|
||
# Create-Application-Button
|
||
# ApplicationSearch HTTP
|
||
# Create-Filter-judge Application=HTTP Filter=${filter} Hostname=${hostname}
|
||
# Deny-subaction action=deny subaction=Block code=404 Content=Profile SearchorCreate=Create ProfileName=zdhprofilehtml
|
||
# ... file=${path}response_pages_files\\Create-ResponsePages-test.html
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-HTTP-Host-Block404ProfileSearch
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-HTTP-MaxCombination
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${hostname} create list zdhfqdn
|
||
# ${filter} create list Host
|
||
# Create-Application-Button
|
||
# ApplicationSearch HTTP
|
||
# Create-Filter-judge Application=HTTP Filter=${filter} Hostname=${hostname}
|
||
# Deny-subaction action=deny subaction=Block code=404 Content=Profile SearchorCreate=Search ProfileName=zdhprofilehtml
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-HTTP-Host-Alert200TEXT
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-HTTP-MaxCombination
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${hostname} create list zdhfqdn
|
||
# ${filter} create list Host
|
||
# Create-Application-Button
|
||
# ApplicationSearch HTTP
|
||
# Create-Filter-judge Application=HTTP Filter=${filter} Hostname=${hostname}
|
||
# Deny-subaction action=deny subaction=Alert code=200 Content=TEXT block-text=123456
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-HTTP-Host-Alert200ProfileCreate
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-HTTP-MaxCombination
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${hostname} create list zdhfqdn
|
||
# ${filter} create list Host
|
||
# Create-Application-Button
|
||
# ApplicationSearch HTTP
|
||
# Create-Filter-judge Application=HTTP Filter=${filter} Hostname=${hostname}
|
||
# Deny-subaction action=deny subaction=Alert code=200 Content=Profile SearchorCreate=Create ProfileName=zdhprofilehtml
|
||
# ... file=${path}response_pages_files\\Create-ResponsePages-test.html
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-HTTP-Host-Alert200ProfileSearch
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-HTTP-MaxCombination
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${hostname} create list zdhfqdn
|
||
# ${filter} create list Host
|
||
# Create-Application-Button
|
||
# ApplicationSearch HTTP
|
||
# Create-Filter-judge Application=HTTP Filter=${filter} Hostname=${hostname}
|
||
# Deny-subaction action=deny subaction=Alert code=200 Content=Profile SearchorCreate=Search ProfileName=zdhprofilehtml
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-HTTP-Host-Alert204
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-HTTP-MaxCombination
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${hostname} create list zdhfqdn
|
||
# ${filter} create list Host
|
||
# Create-Application-Button
|
||
# ApplicationSearch HTTP
|
||
# Create-Filter-judge Application=HTTP Filter=${filter} Hostname=${hostname}
|
||
# Deny-subaction action=deny subaction=Alert code=204
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-SSL-MaxCombination-Drop
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-SSL-MaxCombination-Drop
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${fqdnname} create list zdhfqdn
|
||
# ${filter} create list SNI CN SAN
|
||
# Create-Application-Button
|
||
# ApplicationSearch SSL
|
||
# Create-Filter-judge Application=SSL Filter=${filter} SSLSNIname=${fqdnname} CNname=${fqdnname} SANname=${fqdnname}
|
||
# Deny-subaction action=deny subaction=Drop
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-SSL-MaxCombination-RST
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-SSL-MaxCombination-Drop
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${fqdnname} create list zdhfqdn
|
||
# ${filter} create list SNI CN SAN
|
||
# Create-Application-Button
|
||
# ApplicationSearch SSL
|
||
# Create-Filter-judge Application=SSL Filter=${filter} SSLSNIname=${fqdnname} CNname=${fqdnname} SANname=${fqdnname}
|
||
# Deny-subaction action=deny subaction=RST
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-DNS-MaxCombination-Drop
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-SSL-MaxCombination-Drop
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${fqdnname} create list zdhfqdn
|
||
# ${filter} create list QNAME
|
||
# Create-Application-Button
|
||
# ApplicationSearch DNS
|
||
# Create-Filter-judge Application=DNS Filter=${filter} QNAMEname=${fqdnname}
|
||
# Deny-subaction action=deny subaction=Drop
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-DNS-MaxCombination-Redirect-A
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-SSL-MaxCombination-Drop
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${fqdnname} create list zdhfqdn
|
||
# ${filter} create list QNAME
|
||
# Create-Application-Button
|
||
# ApplicationSearch DNS
|
||
# Create-Filter-judge Application=DNS Filter=${filter} QNAMEname=${fqdnname}
|
||
# Deny-subaction action=deny subaction=Redirect QType=A Avalue=5.5.5.5 Attl=100 CNAMEvalue=www.a.b
|
||
# ... CNAMEttl=1000
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-DNS-MaxCombination-Redirect-AAAA
|
||
# #新建对象fqdn
|
||
# Comment 新建对象fqdn
|
||
# CreatePage FQDN single zdhfqdn keywordtext=*www.baidu.com
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-SSL-MaxCombination-Drop
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${fqdnname} create list zdhfqdn
|
||
# ${filter} create list QNAME
|
||
# Create-Application-Button
|
||
# ApplicationSearch DNS
|
||
# Create-Filter-judge Application=DNS Filter=${filter} QNAMEname=${fqdnname}
|
||
# Deny-subaction action=deny subaction=Redirect QType=AAAA Avalue=1234::ABCD Attl=100 CNAMEvalue=www.a.b
|
||
# ... CNAMEttl=1000
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-FTP-MaxCombination-Drop
|
||
# #新建对象url
|
||
# Comment 新建对象url
|
||
# CreatePage URL single zdhftpurl keywordtext=*.com
|
||
# #新建Content
|
||
# Comment Content
|
||
# CreatePage Key single zdhftpContent keywordtext=*pppp
|
||
# #新建Account
|
||
# Comment Account
|
||
# CreatePage Account single zdhftpAccount keywordtext=0000
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-SSL-MaxCombination-Drop
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${URIname} create list zdhftpurl
|
||
# ${FTPContentname} create list zdhftpContent
|
||
# ${FTPAccountname} create list zdhftpAccount
|
||
# ${filter} create list URI Content Account
|
||
# Create-Application-Button
|
||
# ApplicationSearch FTP
|
||
# Create-Filter-judge Application=FTP Filter=${filter} URIname=${URIname} FTPContentname=${FTPContentname} FTPAccountname=${FTPAccountname}
|
||
# Deny-subaction action=deny subaction=Drop
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|
||
# SecurityPolicy-Deny-FTP-MaxCombination-RST
|
||
# #新建对象url
|
||
# Comment 新建对象url
|
||
# CreatePage URL single zdhftpurl keywordtext=*.com
|
||
# #新建Content
|
||
# Comment Content
|
||
# CreatePage Key single zdhftpContent keywordtext=*pppp
|
||
# #新建Account
|
||
# Comment Account
|
||
# CreatePage Key single zdhftpAccount keywordtext=*pppp
|
||
# #新建策略
|
||
# Comment 新建策略
|
||
# Menu policys Security Policy
|
||
# SecurityPolicy.CreateButton
|
||
# SecurityPolicy.Create-name SecurityPolicy-Deny-SSL-MaxCombination-Drop
|
||
# SecurityPolicy.Create-action deny
|
||
# SecurityPolicy.Create-Source-Button
|
||
# SecurityPolicy.Create-Source type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# #SecurityPolicy.Create-Destination-Button
|
||
# #SecurityPolicy.Create-Destination type1=Ip CreateOrSearch=Create Add=Address name=zdhip001 ipclienttext1=192.168.100.1 post=1
|
||
# ${URIname} create list zdhftpurl
|
||
# ${FTPContentname} create list zdhftpContent
|
||
# ${FTPAccountname} create list zdhftpAccount
|
||
# ${filter} create list URI Content Account
|
||
# Create-Application-Button
|
||
# ApplicationSearch FTP
|
||
# Create-Filter-judge Application=FTP Filter=${filter} URIname=${URIname} FTPContentname=${FTPContentname} FTPAccountname=${FTPAccountname}
|
||
# Deny-subaction action=deny subaction=RST
|
||
# LogSession 1
|
||
# Enabled open
|
||
# Security-Policies-OK
|
||
|