gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
e7242fcb77eb3d277c1aec93ae78c29e73db6e61
dongxiaoyan-tsg-autotest/01-TestCase/tsg_bfapi/security_policy/Security_Policy_Allow_Test.robot
dongxiaoyan e7242fcb77 修改适应20.09版appid调整
2020-09-07 19:46:15 +08:00

746 lines
42 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

*** Settings ***
Test Teardown DeletePolicyAndGroupObject ${policyIds} ${objectIds}
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Object.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Log.robot
Resource ../../../02-Keyword/tsg_bfapi/Common.robot
Resource ../../../03-Variable/ApplicationID.txt
Library json
Library DateTime
*** Variables ***
@{policyIds}
@{profiles}
${objectIds} ${EMPTY}
*** Test Cases ***
Allow-test-001
#新建allow协议单选http
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Create List [${objectId1}]
Comment 创建策略
${policyDict} Create Dictionary policyName=新建allow单选协 action=allow source=${objectId1}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} isValid=${1} appIdObjects=${HTTP_ID}
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-002
#新建allow协议单选ssl
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Create List [${objectId1}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=${SSL_ID}
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-003
#新建allow协议单选dns
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Create List [${objectId1}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"DNS"}
... isValid=${1}
... appIdObjects=4
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-004
#新建allow协议单选mail
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Create List [${objectId1}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"MAIL"}
... isValid=${1}
... appIdObjects=5
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-005
#新建allow协议单选ftp
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Create List [${objectId1}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"FTP"}
... isValid=${1}
... appIdObjects=6
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-006
#新建allow协议单选quic
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Create List [${objectId1}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-007
#新建allow协议单选quic
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Create List [${objectId1}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow多选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... isValid=${1}
... userRegion={}
... appIdObjects=${HTTP_ID},3,4,5,6,7
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-008
#新建allowApplication选择HTTPfilter选择host中的fqdn右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Create List [${objectId},${objectIds}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=${HTTP_ID}
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-009
#新建allowApplication选择HTTPfilter选择host中的fqdn完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Create List [${objectId},${objectIds}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=${HTTP_ID}
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-010
#新建allowApplication选择HTTPfilter选择host中的fqdn-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIdlist} Create List ${objectId0} ${objectId} ${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${objectIdlist1} create list ${objectId2}
${objectIds} create list ${objectIdlist1} ${objectIdlist}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=${HTTP_ID}
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-011
#新建allowApplication选择HTTPfilter选择host中的category右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Create list [${objectId},${objectIds}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=${HTTP_ID}
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-012
#新建allowApplication选择HTTPfilter选择host中的category完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Create list [${objectId},${objectIds}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=${HTTP_ID}
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-013
#新建allowApplication选择HTTPfilter选择host中的fqdn_category-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIdlist} Create list ${objectId0} ${objectId} ${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${objectIdlist1} create list ${objectId2}
${objectIds} create list ${objectIdlist1} ${objectIdlist}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
...
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=${HTTP_ID}
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-014
#新建allowApplication选择SSLfilter选择SNI中的fqdn右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Create list [${objectId},${objectIds}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的fqdn右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=${SSL_ID}
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-015
#新建allowApplication选择SSLfilter选择SNI中的fqdn完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Create list [${objectId},${objectIds}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的fqdn完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=${SSL_ID}
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-016
#新建allowApplication选择SSLfilter选择SNI中的fqdn-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIdlist} Create list ${objectId0} ${objectId} ${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${objectIdlist1} create list ${objectId2}
${objectIds} create list ${objectIdlist1} ${objectIdlist}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的fqdn-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=${SSL_ID}
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-017
#新建allowApplication选择SSLfilter选择SNI中的category右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Create list [${objectId},${objectIds}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的category右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=${SSL_ID}
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-018
#新建allowApplication选择SSLfilter选择SNI中的category完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Create list [${objectId},${objectIds}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择SNI中的category完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=${SSL_ID}
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-019
#新建allowApplication选择SSLfilter选择SNI中的fqdn_category-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIdlist} Create list ${objectId0} ${objectId} ${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${objectIdlist1} create list ${objectId2}
${objectIds} create list ${objectIdlist1} ${objectIdlist}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的category-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
...
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=${SSL_ID}
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-020
#新建allowApplication选择QUICfilter选择SNI中的fqdn右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Create list [${objectId},${objectIds}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-021
#新建allowApplication选择QUICfilter选择SNI中的fqdn完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Create list [${objectId},${objectIds}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的fqdn完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-022
#新建allowApplication选择QUICfilter选择SNI中的fqdn-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIdlist} Create list ${objectId0} ${objectId} ${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${objectIdlist1} create list ${objectId2}
${objectIds} create list ${objectIdlist1} ${objectIdlist}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的fqdn-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-023
#新建allowApplication选择QUICfilter选择SNI中的category右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Create list [${objectId},${objectIds}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的category右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-024
#新建allowApplication选择QUICfilter选择SNI中的category完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Create list [${objectId},${objectIds}]
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的category完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-025
#新建allowApplication选择QUICfilter选择SNI中的fqdn_category-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIdlist} Create list ${objectId0} ${objectId} ${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${objectIdlist1} create list ${objectId2}
${objectIds} create list ${objectIdlist1} ${objectIdlist}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的category-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Reference in New Issue View Git Blame Copy Permalink