65 lines
3.9 KiB
Plaintext
65 lines
3.9 KiB
Plaintext
*** Settings ***
|
|
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
|
|
Force Tags tsg_adc Security_Policy
|
|
Library OperatingSystem
|
|
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
|
|
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
|
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
|
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
|
|
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
|
|
|
|
*** Variables ***
|
|
${policyIds} ${EMPTY}
|
|
${objectids} ${EMPTY}
|
|
|
|
*** Test Cases ***
|
|
SecurityPolicy-Deny-DNS-00001
|
|
[Tags] Selfserver Deny Dns Ip+Fqdn右匹配
|
|
Comment 创建fqdn
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*yhd.com
|
|
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
|
|
${objectids} set Variable ${object_fqdn_Id}
|
|
Comment 创建安全策略
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "DNS","method":"drop"} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
|
|
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
|
#删除策略
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
|
Comment 功能端验证HTTP验证
|
|
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.yhd.com
|
|
... ELSE set variable nslookup -d www.yhd.com
|
|
${stringlist} run keyword if '${systemType}'=='Windows' Create List 超时
|
|
... ELSE Create List canonical name = www.yhd.com
|
|
${starttime} Get Time
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|
${rescode} SystemCommands ${commandstr} ${stringlist}
|
|
Sleep ${policyLogVerificationSleepSeconds}s
|
|
${endtime} Get Time
|
|
#日志验证
|
|
${s} Convert to String ${policyId}
|
|
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname yhd.com
|
|
|
|
SecurityPolicy-Deny-DNS-00002
|
|
[Tags] Selfserver Deny Dns Ip+Cat完整匹配
|
|
Comment 创建fqdn
|
|
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.toutiao.com
|
|
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
|
|
${objectids} set Variable ${object_fqdn_Id}
|
|
Comment 创建安全策略
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.vip.com","ttl":{"min":300,"max":300}}]}]} isValid=${1} appObjectIdArray=4
|
|
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
|
#删除策略
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
|
Comment 功能端验证HTTP验证
|
|
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.toutiao.com
|
|
... ELSE set variable nslookup \ www.toutiao.com
|
|
${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name = www.vip.com
|
|
... ELSE Create List canonical name = www.vip.com
|
|
${starttime} Get Time
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|
${rescode} SystemCommands ${commandstr} ${stringlist}
|
|
Sleep ${policyLogVerificationSleepSeconds}s
|
|
${endtime} Get Time
|
|
#日志验证
|
|
${s} Convert to String ${policyId}
|
|
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname toutiao.com
|