gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
0c9d6e8c745b4b7bccf9da3bed5d8728115180f2
dongxiaoyan-tsg-autotest/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot

154 lines
11 KiB
Plaintext
Raw Blame History

*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags tsg_adc Security_Policy
Library OperatingSystem
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Intercept-SSL-00001
[Tags] Selfserver Intercept Ssl Ip
Comment 创建IP
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0
${addItemLists} Create list ${addItemList1}
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId} AddObjects ${1} ${objectDict}
${objectIds} Set Variable ${objectId}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appIdObjects=3
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable видео Tango Secure Gateway CA
... ELSE set variable рутуб Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-SSL-00002
[Tags] Selfserver Intercept Ssl Ip+Cat完整匹配
Comment 创建IP
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0
${addItemLists} Create list ${addItemList1}
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId} AddObjects ${1} ${objectDict}
${objectIds} Set Variable ${objectId}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable Twitter Tango Secure Gateway CA
... ELSE set variable 新鲜事一网打尽 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-SSL-00003
[Tags] Selfserver Intercept Ssl Ip+Fqdn右匹配
Comment 创建IP
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0
${addItemLists} Create list ${addItemList1}
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId} AddObjects ${1} ${objectDict}
${objectIds} Set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable 字节跳动 Tango Secure Gateway CA
... ELSE set variable 字节跳动 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Intercept-SSL-00004
[Tags] Selfserver Intercept Ssl 修改
Comment 创建IP
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0
${addItemLists} Create list ${addItemList1}
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId} AddObjects ${1} ${objectDict}
${objectIds} Set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_cat_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
@{stringlist} run keyword if '${systemType}'=='Windows' set variable 字节跳动 Tango Secure Gateway CA
... ELSE set variable 字节跳动 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommand ${commandstr} @{stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_cat_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 policyId=${policyId} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR
${rescode} UpdatePolicies 1 ${policyDict} v2 update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
${stringlist} run keyword if '${systemType}'=='Windows' set variable Twitter Tango Secure Gateway CA
... ELSE set variable 新鲜事一网打尽 Tango Secure Gateway CA
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Reference in New Issue View Git Blame Copy Permalink