gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
361e22c9c7f45bdb82b51e68c8d2afbbaf114354
dongxiaoyan-tsg-autotest/01-TestCase/tsg_adc/multi_step/a_Deny_Dns_Tests.robot
hebingning 067748a5dd 补充allow,deny动作最小组合用例
2021-03-01 09:08:49 +08:00

95 lines
6.7 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

*** Settings ***
Force Tags tsg_adc_wp adc_api security_policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
Resource ../../../03-Variable/ApplicationID.txt
Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
*** Test Cases ***
SecurityPolicy-Deny-Dns-00001
[Tags] fqdn完整和右匹配,update policy:source ip_geo
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.facebook.com,*rutube.ru
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建ip geo
${addItemList1} Create Dictionary keywordArray=XXG地区.*
${addItemLists} Create list ${addItemList1}
${objectDict} Create Dictionary objectType=ip objectSubType=geo_location isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObjects ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"drop"} filterList=${objectId}|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=${DNS_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
#${policyId} Evaluate ${policyId}.replace('[]','')
insert_policyId_to_file1 deny_dns_objectId ${objectId}
insert_policyId_to_file1 deny_dns_objectId4 ${objectId1}
insert_policyId_to_file1 deny_dns_policyId ${policyId}
SecurityPolicy-Deny-Dns-00002
[Tags] cat右和完整匹配
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*arctictrucks.ru,*wifika.ru
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.jd.com","ttl":{"min":500,"max":500}},{"atype":"A","value":"192.168.41.186","ttl":{"min":300,"max":300}}]}]} filterList=103|TSG_FIELD_DNS_QNAME,${objectId}|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=${DNS_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_dns_objectId1 ${objectId}
insert_policyId_to_file1 deny_dns_policyId1 ${policyId}
SecurityPolicy-Deny-Dns-00003
[Tags] cat
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*aec188.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*huitu.com
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00003 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:11","ttl":{"min":400,"max":400}},{"atype":"CNAME","value":"www.taobao.com","ttl":{"min":600,"max":600}}]}]} filterList=129|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=${DNS_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_dns_objectId2 ${objectId}
insert_policyId_to_file1 deny_dns_objectId6 ${objectId1}
insert_policyId_to_file1 deny_dns_policyId2 ${policyId}
SecurityPolicy-Deny-Dns-00004
[Tags] fqdn右匹配 destination:iplearning update fqdn
Comment 本用例引用的destination是ip learning学习到的数据为保证后续步骤可以执行destination需要引用已经存在的ip learning
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*twitch.tv
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn2
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.twitch.tv
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00004 destination=3123|TSG_SECURITY_DESTINATION_ADDR policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:22","ttl":{"min":400,"max":400}},{"atype":"CNAME","value":"www.facebook.com","ttl":{"min":400,"max":400}}],"qtype":"AAAA"},{"qtype":"A","answer":[{"atype":"CNAME","value":"www.ok.ru","ttl":{"min":400,"max":400}},{"atype":"A","value":"192.168.40.110","ttl":{"min":400,"max":400}}]}]} filterList=${objectId}|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=${DNS_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_dns_objectId3 ${objectId}
insert_policyId_to_file1 deny_dns_objectId5 ${objectId1}
insert_policyId_to_file1 deny_dns_policyId3 ${policyId}
SecurityPolicy-Deny-Dns-00005
[Tags] the minimum match
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00005 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"drop"} isValid=${0} appIdObjects=${DNS_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_dns_policyId4 ${policyId}
log ${defaultClient}
Reference in New Issue View Git Blame Copy Permalink