gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
361e22c9c7f45bdb82b51e68c8d2afbbaf114354
dongxiaoyan-tsg-autotest/01-TestCase/zjj/ZJJ_ProxyPolciy-SSL注入比率测试.robot
dongxiaoyan b36f413d16 cli相关文件更改大小写适应linux; 
添加oam接口
中间件接口更新,添加限流测试
2020-06-11 09:26:43 +08:00

247 lines
18 KiB
Plaintext
Raw Blame History

*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags zjj tsg_adc proxy_policy
Library OperatingSystem
Resource ../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../03-Variable/AllFlowCaseVariable.txt
Resource ../../03-Variable/Policy_Objects_Module.txt
Library Custometest
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/hijackfiles
${profiledId} ${EMPTY}
*** Test Cases ***
ZJJ_ProxyPolicy-Hijack-Ssl-大注入比率0.25
[Tags] selfserver ssl hijack ip+url
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
#${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack-比率 python-3.8.1-amd64.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test1","contentName":"python-3.8.1-amd64.exe","profileId":null,"returnData":1}
#${profiledId} Get From Dictionary ${response} profileId
${objectedit} Create Dictionary profileName=ZJJ_ProxyPolicy-Hijack-Ssl-025 contentName=KMSTools.exe contentType=application/x-msdos-program
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ KMSTools.exe ${objectDict}
# 查询
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=ZJJ_SecurityPolicy-Hijack-Ssl-025 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-Ssl-025 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#${rescode} ${policyId3} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"dxytest","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"},"isValid":1,"objectIds":[],"objectList":[],"scheduleId":[],"source":[{"objectId":${testClentID},"protocolField":"TSG_SECURITY_SOURCE_ADDR"}],"destination":[],"filterList":[{"filter":[{"objectId":${objectId},"protocolField":"TSG_FIELD_HTTP_URL"}]}],"appIdObjects":[2]}}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 100
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |ZJJ_ProxyPolicy-Hijack-Ssl-注入比率0.25\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt ZJJ_ProxyPolicy-Hijack-Ssl-注入比率0.25访问100次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Hijack-Ssl-小注入比率0.25
[Tags] selfserver ssl hijack ip+url
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建hijack文件
#${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack-比率 python-3.8.1-amd64.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test1","contentName":"python-3.8.1-amd64.exe","profileId":null,"returnData":1}
#${profiledId} Get From Dictionary ${response} profileId
${objectedit} Create Dictionary profileName=zmmhjacktest contentName=Create-Hijack Files-test-7.rpm contentType=audio/x-pn-realaudio-plugin
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_hijack} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 ${url} hijack_files/ Create-Hijack Files-test-7.rpm ${objectDict}
# 查询
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=ZJJ_SecurityPolicy-Hijack-Ssl-025 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Hijack-Ssl-025 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#${rescode} ${policyId3} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"dxytest","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"},"isValid":1,"objectIds":[],"objectList":[],"scheduleId":[],"source":[{"objectId":${testClentID},"protocolField":"TSG_SECURITY_SOURCE_ADDR"}],"destination":[],"filterList":[{"filter":[{"objectId":${objectId},"protocolField":"TSG_FIELD_HTTP_URL"}]}],"appIdObjects":[2]}}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 100
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |ZJJ_ProxyPolicy-Hijack-Ssl-注入比率0.25\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt ZJJ_ProxyPolicy-Hijack-Ssl-注入比率0.25访问100次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Insert-Ssl-大注入比率0.25
[Tags] selfserver ssl Hijack ip+url
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建insert文件
${objectedit} Create Dictionary profileName=zmminserttest format=js insertOn=before_page_load
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_insert} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 /policy/profile/insertscripts insert_files/ big.js ${objectDict}
# 查询
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=ZJJ_SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Insert-SSL-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 10
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Insert-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.1访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZJJ_ProxyPolicy-Insert-Ssl-小注入比率0.25
[Tags] selfserver ssl Hijack ip+url
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建insert文件
${objectedit} Create Dictionary profileName=zmminserttest format=js insertOn=before_page_load
Comment 打印需要修改的json内容
log ${objectedit}
${objectDict} Jsoneditmanu ${setting_proxy_profiles_insert} ${objectedit}
log ${objectDict}
${response} CreatePolicyFile4 /policy/profile/insertscripts insert_files/ Create-Insert Scripts-test-1.js ${objectDict}
# 查询
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=ZJJ_SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
${policyIds} Create List ${policyId1}
Comment 创建管控策略
${policyDict} Create Dictionary policyName=ZJJ_ProxyPolicy-Insert-SSL-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
${policyIds} Create List ${policyId1} ${policyId2}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connected to open.node.com
... ELSE Create List Connected to open.node.com
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
:FOR ${n} IN RANGE 10
SystemCommands ${commandstr} ${stringlist}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId3}
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
log 22${logsize}
${logsize} Convert to String ${logsize}
Append To File ${path}/enforcement_ratio.txt |Insert-Ssl-00001\r\n
Append To File ${path}/enforcement_ratio.txt |-starttime:|${starttime}\r\n
Append To File ${path}/enforcement_ratio.txt 0.1访问1000次logsize:|${logsize}
Append To File ${path}/enforcement_ratio.txt s:|${s}
Append To File ${path}/enforcement_ratio.txt endtime:|${endtime}
ZDFY_ActiveDefencePolicy-注入比率0.25
[Tags] flood
${caseName} set variable ZDFY_ActiveDefencePolicy-Flood-00001
Comment claimed_src_ip_profile_id
${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]}
${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']}
Comment 创建带主动策略Flood
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=active_defence
... policyDesc=${caseName}
... action=activeDefence
... effectiveRange=${Default_EffectiveRange}
... userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}}
... referenceObject=
... isValid=1
... appObjectIdArray=${2}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${s} Convert to String ${policyId}
${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]}
Reference in New Issue View Git Blame Copy Permalink