gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
1e9b87db655bd9ebd310f69f047d2310d516fc53
dongxiaoyan-tsg-autotest/01-TestCase/tsg_bfapi/security_policy/Security_Policy_Allow_Test.robot
lyf 1e9b87db65 提价安全策略case
2020-07-30 19:10:03 +08:00

740 lines
42 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectIds} ${group}
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Object.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Log.robot
Resource ../../../02-Keyword/tsg_bfapi/Common.robot
Library json
Library DateTime
*** Variables ***
@{policyIds}
@{profiles}
${objectIds} ${EMPTY}
${group} ${EMPTY}
*** Test Cases ***
Allow-test-001
#新建allow协议单选http
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary policyName=新建allow单选协 action=allow source=${objectId1}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} isValid=${1} appIdObjects=2
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-002
#新建allow协议单选ssl
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-003
#新建allow协议单选dns
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"DNS"}
... isValid=${1}
... appIdObjects=4
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-004
#新建allow协议单选mail
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"MAIL"}
... isValid=${1}
... appIdObjects=5
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-005
#新建allow协议单选ftp
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"FTP"}
... isValid=${1}
... appIdObjects=6
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-006
#新建allow协议单选quic
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-007
#新建allow协议单选quic
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow多选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... isValid=${1}
... userRegion={}
... appIdObjects=2,3,4,5,6,7
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-008
#新建allowApplication选择HTTPfilter选择host中的fqdn右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-009
#新建allowApplication选择HTTPfilter选择host中的fqdn完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-010
#新建allowApplication选择HTTPfilter选择host中的fqdn-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-011
#新建allowApplication选择HTTPfilter选择host中的category右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-012
#新建allowApplication选择HTTPfilter选择host中的category完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-013
#新建allowApplication选择HTTPfilter选择host中的fqdn_category-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
...
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-014
#新建allowApplication选择SSLfilter选择SNI中的fqdn右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的fqdn右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-015
#新建allowApplication选择SSLfilter选择SNI中的fqdn完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的fqdn完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-016
#新建allowApplication选择SSLfilter选择SNI中的fqdn-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的fqdn-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-017
#新建allowApplication选择SSLfilter选择SNI中的category右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的category右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-018
#新建allowApplication选择SSLfilter选择SNI中的category完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择SNI中的category完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-019
#新建allowApplication选择SSLfilter选择SNI中的fqdn_category-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的category-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
...
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-020
#新建allowApplication选择QUICfilter选择SNI中的fqdn右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-021
#新建allowApplication选择QUICfilter选择SNI中的fqdn完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的fqdn完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-022
#新建allowApplication选择QUICfilter选择SNI中的fqdn-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的fqdn-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-023
#新建allowApplication选择QUICfilter选择SNI中的category右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的category右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-024
#新建allowApplication选择QUICfilter选择SNI中的category完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的category完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-025
#新建allowApplication选择QUICfilter选择SNI中的fqdn_category-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的category-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Reference in New Issue View Git Blame Copy Permalink