gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
bb4717b09fc2ac6f579e6a1aeb751a22ffa188cd
dongxiaoyan-tsg-autotest/01-TestCase/tsg_ui/ui_security/Ui_InterceptSSLCase.robot
lyf bb4717b09f 提交安全策略用例优化
2021-03-22 18:24:26 +08:00

942 lines
49 KiB
Plaintext
Raw Blame History

*** Settings ***
Force Tags tsg-ui Policies Security
Library Selenium2Library
Resource ../../../02-Keyword/tsg_ui/objects/NewObjectPages.robot
Resource ../../../02-Keyword/tsg_ui/objects/NewObject.robot
Resource ../../../02-Keyword/tsg_ui/Menu.robot
Resource ../../../03-Variable/PolicyObjectDefault.txt
Resource ../../../02-Keyword/tsg_ui/policy/UIPolicy.robot
*** Test Cases ***
################################################################################################################################
SecurityInterceptSSL001
[Tags] Intercept SSL SNI
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN keywordtext=$www.facebook.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}${tag}_FQDN
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo}
PoliciesDelete
SecurityInterceptSSL002
[Tags] Intercept SSL SNI
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN keywordtext=*youtube.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}${tag}_FQDN
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo}
PoliciesDelete
SecurityInterceptSSL003
[Tags] Intercept SSL SNI
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=$twitter.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN2 keywordtext=*.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}${tag}_FQDN1 ${TEST NAME}${tag}_FQDN2
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo}
PoliciesDelete
SecurityInterceptSSL005
[Tags] Intercept SSL Category
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list chat
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} Hosttype=Category
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo}
SecurityInterceptSSL006
[Tags] Intercept SSL FQDN
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN keywordtext=$mail.ru
${sniname} create list ${TEST NAME}${tag}_FQDN
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} FilterInfo=${filterInfo}
PoliciesDelete
################################################################################################################################
#DecryptionProfile 按钮用例
SecurityInterceptSSL007
[Tags] Intercept SSL 证书验证开关全部开启Fail-close
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*wrong.host.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN2 keywordtext=*untrusted-root.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN3 keywordtext=*self-signed.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN4 keywordtext=*expired.badssl.com
${sniname} create list ${TEST NAME}${tag}_FQDN1 ${TEST NAME}${tag}_FQDN2 ${TEST NAME}${tag}_FQDN3 ${TEST NAME}${tag}_FQDN4
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=1 Issuer=1 Self-signed=1 Expiry Date=1 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_按钮开启Fail-close Dict1=${dict} Fail1=Fail-close
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL008
[Tags] Intercept SSL 证书验证开关全部关闭
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*wrong.host.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN2 keywordtext=*untrusted-root.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN3 keywordtext=*self-signed.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN4 keywordtext=*expired.badssl.com
${sniname} create list ${TEST NAME}${tag}_FQDN1 ${TEST NAME}${tag}_FQDN2 ${TEST NAME}${tag}_FQDN3 ${TEST NAME}${tag}_FQDN4
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_证书验证关闭1 Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL009
[Tags] Intercept SSL 证书验证开关failclose-Common Name打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*wrong.host.badssl.com
${sniname} create list ${TEST NAME}${tag}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=1 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_证书验证开关failclose-Common Name打开 Dict1=${dict} Fail1=Fail-close
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL010
[Tags] Intercept SSL 证书验证开关failclose-Issuer打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*untrusted-root.badssl.com
${sniname} create list ${TEST NAME}${tag}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=1 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_证书验证开关failclose-Issuer打开 Dict1=${dict} Fail1=Fail-close
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL011
[Tags] Intercept SSL 证书验证开关failclose-Self-signed打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*self-signed.badssl.com
${sniname} create list ${TEST NAME}${tag}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=1 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_证书验证开关failclose-Self-signed打开 Dict1=${dict} Fail1=Fail-close
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL012
[Tags] Intercept SSL 证书验证开关failclose-Expiry-Date打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*expired.badssl.com
${sniname} create list ${TEST NAME}${tag}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=1 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_failclose-Expiry-Date打开 Dict1=${dict} Fail1=Fail-close
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL013
[Tags] Intercept SSL 证书验证开关全部开启Pass-through
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*wrong.host.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN2 keywordtext=*untrusted-root.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN3 keywordtext=*self-signed.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN4 keywordtext=*expired.badssl.com
${sniname} create list ${TEST NAME}${tag}_FQDN1 ${TEST NAME}${tag}_FQDN2 ${TEST NAME}${tag}_FQDN3 ${TEST NAME}${tag}_FQDN4
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=1 Issuer=1 Self-signed=1 Expiry Date=1 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_按钮开启Fail-close Dict1=${dict} Fail1=Pass-through
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL014
[Tags] Intercept SSL 证书验证开关pass-through-Common打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*wrong.host.badssl.com
${sniname} create list ${TEST NAME}${tag}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=1 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_pass-through-Common打开 Dict1=${dict} Fail1=Pass-through
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL015
[Tags] Intercept SSL 证书验证开关pass-through-Issuer打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*untrusted-root.badssl.com
${sniname} create list ${TEST NAME}${tag}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=1 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_pass-through-Issuer打开 Dict1=${dict} Fail1=Pass-through
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL016
[Tags] Intercept SSL 证书验证开关pass-through-Self-signed打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*self-signed.badssl.com
${sniname} create list ${TEST NAME}${tag}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=1 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_pass-through-Self-signed打开 Dict1=${dict} Fail1=Pass-through
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL017
[Tags] Intercept SSL 证书验证开关pass-through-Expiry Date打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*expired.badssl.com
${sniname} create list ${TEST NAME}${tag}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=1 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_pass-through-Expiry Date打开 Dict1=${dict} Fail1=Pass-through
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL018
[Tags] Intercept SSL 证书验证开关EV开启
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=$www.myssl.cn
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN2 keywordtext=$pbsz.ebank.cmbchina.com
${sniname} create list ${TEST NAME}${tag}_FQDN1 ${TEST NAME}${tag}_FQDN2
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=1
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_EV开启 Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL019
[Tags] Intercept SSL 证书验证开关CT开启
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=$www.jd.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN2 keywordtext=$mail.ru
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN3 keywordtext=$www.vip.com
${sniname} create list ${TEST NAME}${tag}_FQDN1 ${TEST NAME}${tag}_FQDN2 ${TEST NAME}${tag}_FQDN3
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=1 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_CT开启 Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL020
[Tags] Intercept SSL 证书验证开关MA开启
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*client.badssl.com
${sniname} create list ${TEST NAME}${tag}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=1 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_MA开启 Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL021
[Tags] Intercept SSL 证书验证开关开启Certificate Pinning
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=1 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_开启Certificate Pinning Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL022
[Tags] Intercept SSL 证书验证开关关闭Certificate Pinning
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_关闭Certificate Pinning Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL023
[Tags] Intercept SSL 证书验证开关关闭Certificate Not Installed
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_关闭Certificate Not Installed Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL024
[Tags] Intercept SSL 证书验证开关开启Certificate Not Installed
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=1 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_开启Certificate Not Installed Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL025
[Tags] Intercept SSL 证书验证开关IP-协议版本SSL3.0
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_IP-协议版本SSL3.0 Dict1=${dict} min1=SSLv3.0 max1=SSLv3.0
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL026
[Tags] Intercept SSL 证书验证开关IP-协议版本TSL1.0
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_IP-协议版本TSL1.0 Dict1=${dict} min1=TLSv1.0 max1=TLSv1.0
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL027
[Tags] Intercept SSL 证书验证开关IP-协议版本TSL1.1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_IP-协议版本TSL1.1 Dict1=${dict} min1=TLSv1.1 max1=TLSv1.1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL028
[Tags] Intercept SSL 证书验证开关IP-协议版本TSL1.2
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_IP-协议版本TSL1.2 Dict1=${dict} min1=TLSv1.2 max1=TLSv1.2
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL029
[Tags] Intercept SSL 证书验证开关IP-协议版本TSL1.3
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_IP-协议版本TSL1.3 Dict1=${dict} min1=TLSv1.3 max1=TLSv1.3
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
################################################################################################################################
#解密流量转发
SecurityInterceptSSL030
[Tags] Intercept SSL 解密流量mac
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*twitter.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}${tag}_FQDN1
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${MirrorDecryptedTrafficInfo} Create Dictionary MirrorDecryptedTraffic=open MirrorDecryptedTrafficSearchorCreate=Create MirrorDecryptedTrafficname=${TEST NAME}${tag}_解密流量mac Type=mac Shuru=11:11:11:11:11:11
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} MirrorDecryptedTrafficInfo=${MirrorDecryptedTrafficInfo}
PoliciesDelete
SecurityInterceptSSL031
[Tags] Intercept SSL 解密流量vlan
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*twitter.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}${tag}_FQDN1
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${MirrorDecryptedTrafficInfo} Create Dictionary MirrorDecryptedTraffic=open MirrorDecryptedTrafficSearchorCreate=Create MirrorDecryptedTrafficname=${TEST NAME}${tag}_解密流量vlan Type=vlan Shuru=111
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} MirrorDecryptedTrafficInfo=${MirrorDecryptedTrafficInfo}
PoliciesDelete
################################################################################################################################
#证书验证
SecurityInterceptSSL032
[Tags] Intercept SSL 根证书
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*facebook.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}${tag}_FQDN1
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${Keyring} Create Dictionary KeySearchorCreate=Create Keyname=${TEST NAME}${tag}_根证书1 File=${path}keyrings//root//ca-cer.pem File1=${path}keyrings//root//ca.key ExpiryHours1or2=2 Type=certificateType_select0
... Type1=keyringsadd_publicKeyAlgoSelet1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} Keyring=${Keyring}
PoliciesDelete
SecurityInterceptSSL033
[Tags] Intercept SSL 中间证书
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*google.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}${tag}_FQDN1
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${Keyring} Create Dictionary KeySearchorCreate=Create Keyname=${TEST NAME}${tag}_中间证书1 File=${path}keyrings//Intermediate//camiddle.chain.pem File1=${path}keyrings//Intermediate//camiddle.key ExpiryHours1or2=2
... Type=certificateType_select1 Type1=keyringsadd_publicKeyAlgoSelet2
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} Keyring=${Keyring}
PoliciesDelete
SecurityInterceptSSL034
[Tags] Intercept SSL 实体证书
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*twitter.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}${tag}_FQDN1
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${Keyring} Create Dictionary KeySearchorCreate=Create Keyname=${TEST NAME}${tag}_实体证书1 File=${path}keyrings//end-entity//caentity.chain.pem File1=${path}keyrings//end-entity//caentity.key ExpiryHours1or2=2
... Type=certificateType_select2 Type1=keyringsadd_publicKeyAlgoSelet3
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} Keyring=${Keyring}
PoliciesDelete
################################################################################################################################
Reference in New Issue View Git Blame Copy Permalink