136 lines
9.0 KiB
Plaintext
136 lines
9.0 KiB
Plaintext
*** Settings ***
|
|
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
|
|
Force Tags tsg_adc Security_Policy
|
|
Library OperatingSystem
|
|
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
|
|
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
|
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
|
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
|
|
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
|
|
Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
|
|
|
|
*** Variables ***
|
|
${policyIds} ${EMPTY}
|
|
${objectids} ${EMPTY}
|
|
|
|
*** Test Cases ***
|
|
SecurityPolicy-Allow-Http-00001
|
|
[Tags] Selfserver Allow Http Ip
|
|
Comment 创建IP
|
|
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0
|
|
${addItemLists} Create list ${addItemList1}
|
|
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
|
|
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
|
${objectIds} Set Variable ${objectId}
|
|
Comment 创建安全策略
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00001 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol": "HTTP"} filterList= isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR
|
|
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
|
#删除策略
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
|
Comment 功能端验证HTTP验证
|
|
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
|
|
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
|
|
${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓
|
|
... ELSE Create List 酒店式公寓
|
|
${starttime} Get Time
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|
${rescode} SystemCommands ${commandstr} ${stringlist}
|
|
Sleep ${policyLogVerificationSleepSeconds}s
|
|
${endtime} Get Time
|
|
#日志验证
|
|
${s} Convert to String ${policyId}
|
|
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
|
|
|
SecurityPolicy-Allow-Http-00002
|
|
[Tags] Selfserver Allow Http Ip+Cat右匹配
|
|
Comment 创建IP
|
|
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0
|
|
${addItemLists} Create list ${addItemList1}
|
|
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
|
|
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
|
${objectIds} Set Variable ${objectId}
|
|
Comment 创建cat
|
|
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*open.node.com
|
|
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
|
|
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
|
|
Comment 创建安全策略
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00002 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol": "HTTP"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR
|
|
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
|
#删除策略
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
|
Comment 功能端验证HTTP验证
|
|
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat
|
|
... ELSE set variable curl http://open.node.com/test/youtube/youtube.html
|
|
${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员
|
|
... ELSE Create List 关闭播放器
|
|
${starttime} Get Time
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|
${rescode} SystemCommands ${commandstr} ${stringlist}
|
|
Sleep ${policyLogVerificationSleepSeconds}s
|
|
${endtime} Get Time
|
|
#日志验证
|
|
${s} Convert to String ${policyId}
|
|
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
|
|
|
SecurityPolicy-Allow-Http-00003
|
|
[Tags] Selfserver Allow Http Ip+Fqdn完整匹配
|
|
Comment 创建IP
|
|
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0
|
|
${addItemLists} Create list ${addItemList1}
|
|
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
|
|
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
|
${objectIds} Set Variable ${objectId}
|
|
Comment 创建fqdn
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
|
|
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
|
|
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
|
|
Comment 创建安全策略
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol": "HTTP"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR
|
|
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
|
#删除策略
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
|
Comment 功能端验证HTTP验证
|
|
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
|
|
... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html
|
|
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
|
|
... ELSE Create List nationalbank
|
|
${starttime} Get Time
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|
${rescode} SystemCommands ${commandstr} ${stringlist}
|
|
Sleep ${policyLogVerificationSleepSeconds}s
|
|
${endtime} Get Time
|
|
#日志验证
|
|
${s} Convert to String ${policyId}
|
|
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
|
|
|
SecurityPolicy-Allow-Http-00004
|
|
[Tags] Selfserver Allow Http Ip+Fqdn完整匹配
|
|
Comment 创建IP
|
|
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0
|
|
${addItemLists} Create list ${addItemList1}
|
|
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
|
|
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
|
${objectIds} Set Variable ${objectId}
|
|
Comment 创建fqdn
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
|
|
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
|
|
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
|
|
Comment 创建安全策略
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol": "HTTP"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR
|
|
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
|
#删除策略
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
|
Comment 功能端验证HTTP验证
|
|
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
|
|
... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html
|
|
${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank
|
|
... ELSE Create List nationalbank
|
|
${starttime} Get Time
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|
${rescode} SystemCommands ${commandstr} ${stringlist}
|
|
Sleep ${policyLogVerificationSleepSeconds}s
|
|
${endtime} Get Time
|
|
#日志验证
|
|
${s} Convert to String ${policyId}
|
|
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|