diff options
| author | zhangchengwei <[email protected]> | 2024-11-28 10:45:02 +0800 |
|---|---|---|
| committer | zhangchengwei <[email protected]> | 2024-11-28 10:45:02 +0800 |
| commit | 5cd0aa40e6789bd6580d6117e3c44f66b068d002 (patch) | |
| tree | 94999be1ba7737d5fbf3ab43b23becffdcd9c1a8 | |
| parent | 5ceb2060637b1eb121a5efec1cbde86a901e9b06 (diff) | |
调整manipulation name
236 files changed, 58312 insertions, 9 deletions
diff --git a/tests/manipulation/man_execute_srcip_2item_in_fqdn_http_substr_url.py b/tests/manipulation/man_execute_srcip_2item_in_fqdn_http_substr_url.py new file mode 100644 index 000000000..6d0066aed --- /dev/null +++ b/tests/manipulation/man_execute_srcip_2item_in_fqdn_http_substr_url.py @@ -0,0 +1,252 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu.com" + }, + { + "op": "add", + "expr_type": "and", + "expression": "google.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_dstip_http_substr_url.py b/tests/manipulation/man_execute_srcip_dstip_http_substr_url.py new file mode 100644 index 000000000..402f0383e --- /dev/null +++ b/tests/manipulation/man_execute_srcip_dstip_http_substr_url.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_DESTINATION_IP", + "name": "manipulation_destination_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": "192.168.40.206", + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_dstport_http_substr_url.py b/tests/manipulation/man_execute_srcip_dstport_http_substr_url.py new file mode 100644 index 000000000..145a1d461 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_dstport_http_substr_url.py @@ -0,0 +1,246 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_DESTINATION_PORT", + "name": "manipulation_destination_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "443" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_extip_http_substr_url.py b/tests/manipulation/man_execute_srcip_extip_http_substr_url.py new file mode 100644 index 000000000..402f0383e --- /dev/null +++ b/tests/manipulation/man_execute_srcip_extip_http_substr_url.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_DESTINATION_IP", + "name": "manipulation_destination_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": "192.168.40.206", + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_extport_http_substr_url.py b/tests/manipulation/man_execute_srcip_extport_http_substr_url.py new file mode 100644 index 000000000..3c30faf50 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_extport_http_substr_url.py @@ -0,0 +1,246 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_EXTERNAL_PORT", + "name": "manipulation_external_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "443" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_2item_in_url.py b/tests/manipulation/man_execute_srcip_http_2item_in_url.py new file mode 100644 index 000000000..9306b0982 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_2item_in_url.py @@ -0,0 +1,235 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }, + { + "op": "add", + "expr_type": "and", + "expression": "google" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_8andmultisubstr_url.py b/tests/manipulation/man_execute_srcip_http_8andmultisubstr_url.py new file mode 100644 index 000000000..b9a82b8c7 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_8andmultisubstr_url.py @@ -0,0 +1,230 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "www&bai&baidu&com&www.&baid&idu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_pre_url.py b/tests/manipulation/man_execute_srcip_http_pre_url.py new file mode 100644 index 000000000..82a49b977 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_pre_url.py @@ -0,0 +1,230 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu." + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url.py b/tests/manipulation/man_execute_srcip_http_substr_url.py new file mode 100644 index 000000000..974a1b7cd --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url.py @@ -0,0 +1,230 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_2item_in_reqheader_by_ua.py b/tests/manipulation/man_execute_srcip_http_substr_url_2item_in_reqheader_by_ua.py new file mode 100644 index 000000000..bfb0a9179 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_2item_in_reqheader_by_ua.py @@ -0,0 +1,252 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }, + { + "op": "add", + "expr_type": "and", + "expression": "testaaa" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_2item_in_resheader_by_ct.py b/tests/manipulation/man_execute_srcip_http_substr_url_2item_in_resheader_by_ct.py new file mode 100644 index 000000000..7b8047c4b --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_2item_in_resheader_by_ct.py @@ -0,0 +1,252 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text" + }, + { + "op": "add", + "expr_type": "and", + "expression": "testaass" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua.py b/tests/manipulation/man_execute_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua.py new file mode 100644 index 000000000..2c5c15241 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Wget&Windows&Chrome&Safari&Win64&AppleWebKit&KHTML&Chrome" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_8andmultisubstr_resheader_by_ct.py b/tests/manipulation/man_execute_srcip_http_substr_url_8andmultisubstr_resheader_by_ct.py new file mode 100644 index 000000000..0ca2e6c16 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_8andmultisubstr_resheader_by_ct.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text&html&text&html&text&html&text" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_pre_reqheader_by_ua.py b/tests/manipulation/man_execute_srcip_http_substr_url_pre_reqheader_by_ua.py new file mode 100644 index 000000000..1b0386050 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_pre_reqheader_by_ua.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_pre_resheader_by_ct.py b/tests/manipulation/man_execute_srcip_http_substr_url_pre_resheader_by_ct.py new file mode 100644 index 000000000..0c436da8c --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_pre_resheader_by_ct.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^text" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_substr_reqheader_by_ua.py b/tests/manipulation/man_execute_srcip_http_substr_url_substr_reqheader_by_ua.py new file mode 100644 index 000000000..0f2b0951b --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_substr_reqheader_by_ua.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_substr_reqheader_by_ua_logall.py b/tests/manipulation/man_execute_srcip_http_substr_url_substr_reqheader_by_ua_logall.py new file mode 100644 index 000000000..95fb030cd --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_substr_reqheader_by_ua_logall.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Chrome" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_substr_reqheader_hex_by_ua.py b/tests/manipulation/man_execute_srcip_http_substr_url_substr_reqheader_hex_by_ua.py new file mode 100644 index 000000000..d33cc07d2 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_substr_reqheader_hex_by_ua.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "|6375726C|" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_substr_resheader_by_ct.py b/tests/manipulation/man_execute_srcip_http_substr_url_substr_resheader_by_ct.py new file mode 100644 index 000000000..27c65e65a --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_substr_resheader_by_ct.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_substr_resheader_hex_by_ct.py b/tests/manipulation/man_execute_srcip_http_substr_url_substr_resheader_hex_by_ct.py new file mode 100644 index 000000000..2a905392a --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_substr_resheader_hex_by_ct.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "|746578742F68746D6C|" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_suff_reqheader_by_ua.py b/tests/manipulation/man_execute_srcip_http_substr_url_suff_reqheader_by_ua.py new file mode 100644 index 000000000..1b0386050 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_suff_reqheader_by_ua.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_suff_resheader_by_ct.py b/tests/manipulation/man_execute_srcip_http_substr_url_suff_resheader_by_ct.py new file mode 100644 index 000000000..7800cf42b --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_suff_resheader_by_ct.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "html$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_xly_reqheader_by_ua.py b/tests/manipulation/man_execute_srcip_http_substr_url_xly_reqheader_by_ua.py new file mode 100644 index 000000000..453112e77 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_xly_reqheader_by_ua.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_substr_url_xly_resheader_by_ct.py b/tests/manipulation/man_execute_srcip_http_substr_url_xly_resheader_by_ct.py new file mode 100644 index 000000000..f000697f0 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_substr_url_xly_resheader_by_ct.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^text/html$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_suff_url.py b/tests/manipulation/man_execute_srcip_http_suff_url.py new file mode 100644 index 000000000..856e55053 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_suff_url.py @@ -0,0 +1,230 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu.com/$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_suff_url_datacenter.py b/tests/manipulation/man_execute_srcip_http_suff_url_datacenter.py new file mode 100644 index 000000000..fabadb86c --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_suff_url_datacenter.py @@ -0,0 +1,242 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu.com/$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + }, + "effective_range": { + "tag_sets": [ + [ + { + "tag": "data_center", + "value": [ + "center-xxg-tsgx" + ] + } + ] + ] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_http_xly_url.py b/tests/manipulation/man_execute_srcip_http_xly_url.py new file mode 100644 index 000000000..ca33e7a88 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_http_xly_url.py @@ -0,0 +1,230 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu.com/$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_intip_http_substr_url.py b/tests/manipulation/man_execute_srcip_intip_http_substr_url.py new file mode 100644 index 000000000..cb800a47a --- /dev/null +++ b/tests/manipulation/man_execute_srcip_intip_http_substr_url.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_INTERNAL_IP", + "name": "manipulation_internal_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_intport_http_substr_url.py b/tests/manipulation/man_execute_srcip_intport_http_substr_url.py new file mode 100644 index 000000000..fe54436a8 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_intport_http_substr_url.py @@ -0,0 +1,246 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_INTERNAL_PORT", + "name": "manipulation_internal_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "1000-65530" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_pre_fqdn_http_substr_url.py b/tests/manipulation/man_execute_srcip_pre_fqdn_http_substr_url.py new file mode 100644 index 000000000..537531fc0 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_pre_fqdn_http_substr_url.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu." + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_srcport_http_substr_url.py b/tests/manipulation/man_execute_srcip_srcport_http_substr_url.py new file mode 100644 index 000000000..9c396c3b1 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_srcport_http_substr_url.py @@ -0,0 +1,246 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_PORT", + "name": "manipulation_src_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "1000-65530" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_subid_http_pre_url.py b/tests/manipulation/man_execute_srcip_subid_http_pre_url.py new file mode 100644 index 000000000..82e605898 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_subid_http_pre_url.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu." + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_subid_http_substr_url_substr_reqheader_by_ua.py b/tests/manipulation/man_execute_srcip_subid_http_substr_url_substr_reqheader_by_ua.py new file mode 100644 index 000000000..d00a0f49f --- /dev/null +++ b/tests/manipulation/man_execute_srcip_subid_http_substr_url_substr_reqheader_by_ua.py @@ -0,0 +1,264 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_subid_http_substr_url_suff_reqheader_by_ua.py b/tests/manipulation/man_execute_srcip_subid_http_substr_url_suff_reqheader_by_ua.py new file mode 100644 index 000000000..1fc0dc54a --- /dev/null +++ b/tests/manipulation/man_execute_srcip_subid_http_substr_url_suff_reqheader_by_ua.py @@ -0,0 +1,264 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_subid_substr_fqdn_http_substr_url_substr_reqheader_by_ua_substr_resheader_by_ct.py b/tests/manipulation/man_execute_srcip_subid_substr_fqdn_http_substr_url_substr_reqheader_by_ua_substr_resheader_by_ct.py new file mode 100644 index 000000000..a93788209 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_subid_substr_fqdn_http_substr_url_substr_reqheader_by_ua_substr_resheader_by_ct.py @@ -0,0 +1,298 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_substr_fqdn_http_substr_url.py b/tests/manipulation/man_execute_srcip_substr_fqdn_http_substr_url.py new file mode 100644 index 000000000..698b90930 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_substr_fqdn_http_substr_url.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_substr_fqdn_http_substr_url_substr_reqheader_by_ua_substr_resheader_by_ct.py b/tests/manipulation/man_execute_srcip_substr_fqdn_http_substr_url_substr_reqheader_by_ua_substr_resheader_by_ct.py new file mode 100644 index 000000000..787327cf3 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_substr_fqdn_http_substr_url_substr_reqheader_by_ua_substr_resheader_by_ct.py @@ -0,0 +1,281 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_suff_fqdn_http_substr_url.py b/tests/manipulation/man_execute_srcip_suff_fqdn_http_substr_url.py new file mode 100644 index 000000000..dc83fdb27 --- /dev/null +++ b/tests/manipulation/man_execute_srcip_suff_fqdn_http_substr_url.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": ".baidu.com$" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_execute_srcip_xly_fqdn_http_substr_url.py b/tests/manipulation/man_execute_srcip_xly_fqdn_http_substr_url.py new file mode 100644 index 000000000..331ae320f --- /dev/null +++ b/tests/manipulation/man_execute_srcip_xly_fqdn_http_substr_url.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "execute", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu.com$" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "lua_script": + { + "name": "manipulation_run_script_profile", + "file_path": "run_script_insert.lua", + "max_exec_time": 1000 + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_2item_in_fqdn_http_substr_url_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_2item_in_fqdn_http_substr_url_whole_file_mark.py new file mode 100644 index 000000000..e06aac806 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_2item_in_fqdn_http_substr_url_whole_file_mark.py @@ -0,0 +1,260 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python.org" + }, + { + "op": "add", + "expr_type": "and", + "expression": "baidu.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/blogs/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_dstip_subid_substr_url_http_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_dstip_subid_substr_url_http_whole_file_mark.py new file mode 100644 index 000000000..cbc96df4a --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_dstip_subid_substr_url_http_whole_file_mark.py @@ -0,0 +1,273 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_DESTINATION_IP", + "name": "manipulation_destination_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": "192.168.40.206", + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_dstip_substr_url_http_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_dstip_substr_url_http_whole_file_mark.py new file mode 100644 index 000000000..d334e2f53 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_dstip_substr_url_http_whole_file_mark.py @@ -0,0 +1,256 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_DESTINATION_IP", + "name": "manipulation_destination_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": "192.168.40.206", + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_extip_substr_url_http_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_extip_substr_url_http_whole_file_mark.py new file mode 100644 index 000000000..888a7cdb8 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_extip_substr_url_http_whole_file_mark.py @@ -0,0 +1,256 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_EXTERNAL_IP", + "name": "manipulation_external_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": "192.168.40.206", + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_1_1_xly_url_inside_element_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_1_1_xly_url_inside_element_mark.py new file mode 100644 index 000000000..789541eb2 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_1_1_xly_url_inside_element_mark.py @@ -0,0 +1,239 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.python.org/blogs/$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Copyright", + "search_scope": "inside_element", + "start_indicator": "widget-title" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --http1.1 -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter,HTTP/1.1", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_request_line", "query_value": "GET www.python.org/blogs/ HTTP/1.1"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_2_xly_url_inside_element_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_2_xly_url_inside_element_mark.py new file mode 100644 index 000000000..26f38888f --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_2_xly_url_inside_element_mark.py @@ -0,0 +1,239 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.python.org/blogs/$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Copyright", + "search_scope": "inside_element", + "start_indicator": "widget-title" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --http2 -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/blogs/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_2item_in_url_inside_element_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_2item_in_url_inside_element_mark.py new file mode 100644 index 000000000..98a8d016e --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_2item_in_url_inside_element_mark.py @@ -0,0 +1,244 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }, + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Copyright", + "search_scope": "inside_element", + "start_indicator": "widget-title" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_8andmultisubstr_url_inside_element_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_8andmultisubstr_url_inside_element_mark.py new file mode 100644 index 000000000..db5fb11d2 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_8andmultisubstr_url_inside_element_mark.py @@ -0,0 +1,239 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "www&www&python&python&org&org&blogs" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Copyright", + "search_scope": "inside_element", + "start_indicator": "widget-title" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/blogs/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_pre_url_inside_element_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_pre_url_inside_element_mark.py new file mode 100644 index 000000000..463d5aceb --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_pre_url_inside_element_mark.py @@ -0,0 +1,239 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.python.org" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Copyright", + "search_scope": "inside_element", + "start_indicator": "widget-title" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/blogs/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_sub_url_sub_fqdn_sub_reqheader_sub_resheader_wholefilemark.py b/tests/manipulation/man_modify_editelement_srcip_http_sub_url_sub_fqdn_sub_reqheader_sub_resheader_wholefilemark.py new file mode 100644 index 000000000..786c8efd7 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_sub_url_sub_fqdn_sub_reqheader_sub_resheader_wholefilemark.py @@ -0,0 +1,306 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Chrome" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_BODY", + "name": "manipulation_keywords_request_body", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "test_request_body" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_2item_in_reqbody_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_2item_in_reqbody_whole_file_mark.py new file mode 100644 index 000000000..2516ead36 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_2item_in_reqbody_whole_file_mark.py @@ -0,0 +1,260 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_BODY", + "name": "manipulation_keywords_request_body", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "test_request_body" + }, + { + "op": "add", + "expr_type": "and", + "expression": "testaa" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_2item_in_reqheader_by_ua_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_2item_in_reqheader_by_ua_whole_file_mark.py new file mode 100644 index 000000000..7796bba0a --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_2item_in_reqheader_by_ua_whole_file_mark.py @@ -0,0 +1,260 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }, + { + "op": "add", + "expr_type": "and", + "expression": "testss" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_2item_in_resheader_by_ct_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_2item_in_resheader_by_ct_whole_file_mark.py new file mode 100644 index 000000000..493e5b5b1 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_2item_in_resheader_by_ct_whole_file_mark.py @@ -0,0 +1,260 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }, + { + "op": "add", + "expr_type": "and", + "expression": "testaa" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua_whole_file_mark.py new file mode 100644 index 000000000..d4553f545 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Wget&Windows&Win64&AppleWebKit&AppleWebKit&Gecko" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_8andmultisubstr_resheader_by_ct_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_8andmultisubstr_resheader_by_ct_whole_file_mark.py new file mode 100644 index 000000000..ad7367d4c --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_8andmultisubstr_resheader_by_ct_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text&html&html&charset&charset&utf-8&utf-8" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html; charset=utf-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_inside_element_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_inside_element_mark.py new file mode 100644 index 000000000..a3b0d2f39 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_inside_element_mark.py @@ -0,0 +1,239 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Copyright", + "search_scope": "inside_element", + "start_indicator": "widget-title" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_inside_element_mark_inside_element_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_inside_element_mark_inside_element_mark.py new file mode 100644 index 000000000..251f5f51c --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_inside_element_mark_inside_element_mark.py @@ -0,0 +1,252 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Copyright", + "search_scope": "inside_element", + "start_indicator": "widget-title" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }, + { + "anchor_element": + { + "contained_keyword": "Events", + "search_scope": "inside_element", + "start_indicator": "/events/" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_inside_element_remove.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_inside_element_remove.py new file mode 100644 index 000000000..d40bda06f --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_inside_element_remove.py @@ -0,0 +1,239 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Copyright", + "search_scope": "inside_element", + "start_indicator": "widget-title" + }, + "target_element": + { + "element_treatment": "remove", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "CN=TSG", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_pre_reqheader_by_cookie_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_pre_reqheader_by_cookie_whole_file_mark.py new file mode 100644 index 000000000..53031523c --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_pre_reqheader_by_cookie_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "tmp_tsg_cookie" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_resbody", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_cookie", "query_value": "test_name=tmp_tsg_cookie"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_pre_reqheader_by_ua_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_pre_reqheader_by_ua_whole_file_mark.py new file mode 100644 index 000000000..7c9609814 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_pre_reqheader_by_ua_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^Wget" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_pre_resheader_by_ct_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_pre_resheader_by_ct_whole_file_mark.py new file mode 100644 index 000000000..8d1e6597d --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_pre_resheader_by_ct_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html; charset=utf-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqbody_hex_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqbody_hex_whole_file_mark.py new file mode 100644 index 000000000..34694e47c --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqbody_hex_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_BODY", + "name": "manipulation_keywords_request_body", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "|746573745F726571756573745F626F6479|" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqbody_regex_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqbody_regex_whole_file_mark.py new file mode 100644 index 000000000..875aded8a --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqbody_regex_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_BODY", + "name": "manipulation_keywords_request_body", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "regex", + "expression": r"test_requ\S\S\S_body" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqbody_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqbody_whole_file_mark.py new file mode 100644 index 000000000..b5c7c8c09 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqbody_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_BODY", + "name": "manipulation_keywords_request_body", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "test_request_body" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqheader_by_ua_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqheader_by_ua_whole_file_mark.py new file mode 100644 index 000000000..773df6e8c --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqheader_by_ua_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqheader_hex_by_ua_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqheader_hex_by_ua_whole_file_mark.py new file mode 100644 index 000000000..fd02a74e6 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqheader_hex_by_ua_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "|6375726C|" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqheader_regex_by_ua_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqheader_regex_by_ua_whole_file_mark.py new file mode 100644 index 000000000..733f46974 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_reqheader_regex_by_ua_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "regex", + "expression": r"c\S\Sl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_resheader_by_ct_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_resheader_by_ct_whole_file_mark.py new file mode 100644 index 000000000..e606a8747 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_resheader_by_ct_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_resheader_by_setcookie_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_resheader_by_setcookie_whole_file_mark.py new file mode 100644 index 000000000..0a465ddc8 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_resheader_by_setcookie_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "test_setcook" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_resbody", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_set_cookie", "query_value": "test_setcook"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_resheader_hex_by_setcookie_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_resheader_hex_by_setcookie_whole_file_mark.py new file mode 100644 index 000000000..e3f89a871 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_resheader_hex_by_setcookie_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "|746573745F736574636F6F6B|" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_resbody", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_set_cookie", "query_value": "test_setcook"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_resheader_regex_by_ct_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_resheader_regex_by_ct_whole_file_mark.py new file mode 100644 index 000000000..6a43b622e --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_substr_resheader_regex_by_ct_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "regex", + "expression": r"text/\S\Sml" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_suff_reqheader_by_ua_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_suff_reqheader_by_ua_whole_file_mark.py new file mode 100644 index 000000000..7ace196f5 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_suff_reqheader_by_ua_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_suff_resheader_by_ct_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_suff_resheader_by_ct_whole_file_mark.py new file mode 100644 index 000000000..45e592ed7 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_suff_resheader_by_ct_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "charset=utf-8$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html; charset=utf-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_mark.py new file mode 100644 index 000000000..4ad7f7176 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_mark.py @@ -0,0 +1,256 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_INTERNAL_IP", + "name": "manipulation_internal_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_mark_devicegroup.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_mark_devicegroup.py new file mode 100644 index 000000000..8014ac43a --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_mark_devicegroup.py @@ -0,0 +1,268 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_INTERNAL_IP", + "name": "manipulation_internal_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + }, + "effective_range": { + "tag_sets": [ + [ + { + "tag": "device_group", + "value": [ + "group-xxg-tsgx" + ] + } + ] + ] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_mark_logall.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_mark_logall.py new file mode 100644 index 000000000..961c60f89 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_mark_logall.py @@ -0,0 +1,256 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_INTERNAL_IP", + "name": "manipulation_internal_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_mark_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_mark_whole_file_mark.py new file mode 100644 index 000000000..11a0a8669 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_mark_whole_file_mark.py @@ -0,0 +1,267 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "test_setcook" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_resbody", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }, + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_set_cookie", "query_value": "test_setcook"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_remove.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_remove.py new file mode 100644 index 000000000..641f99e19 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_whole_file_remove.py @@ -0,0 +1,238 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "remove", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "CN=TSG", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_xly_reqheader_by_ua_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_xly_reqheader_by_ua_whole_file_mark.py new file mode 100644 index 000000000..7b463136a --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_xly_reqheader_by_ua_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_substr_url_xly_resheader_by_ct_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_xly_resheader_by_ct_whole_file_mark.py new file mode 100644 index 000000000..79145e599 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_substr_url_xly_resheader_by_ct_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^text/html; charset=utf-8$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html; charset=utf-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_suff_url_inside_element_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_suff_url_inside_element_mark.py new file mode 100644 index 000000000..a19e9749b --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_suff_url_inside_element_mark.py @@ -0,0 +1,239 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "blogs/$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Copyright", + "search_scope": "inside_element", + "start_indicator": "widget-title" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/blogs/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_http_xly_url_inside_element_mark.py b/tests/manipulation/man_modify_editelement_srcip_http_xly_url_inside_element_mark.py new file mode 100644 index 000000000..dd619db49 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_http_xly_url_inside_element_mark.py @@ -0,0 +1,239 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.python.org/blogs/$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Copyright", + "search_scope": "inside_element", + "start_indicator": "widget-title" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/blogs/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_intip_http_substr_url_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_intip_http_substr_url_whole_file_mark.py new file mode 100644 index 000000000..961c60f89 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_intip_http_substr_url_whole_file_mark.py @@ -0,0 +1,256 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_INTERNAL_IP", + "name": "manipulation_internal_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_pre_fqdn_http_substr_url_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_pre_fqdn_http_substr_url_whole_file_mark.py new file mode 100644 index 000000000..8f20e0831 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_pre_fqdn_http_substr_url_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.python." + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/blogs/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_subid_http_substr_url_inside_element_remove.py b/tests/manipulation/man_modify_editelement_srcip_subid_http_substr_url_inside_element_remove.py new file mode 100644 index 000000000..877494de2 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_subid_http_substr_url_inside_element_remove.py @@ -0,0 +1,256 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Copyright", + "search_scope": "inside_element", + "start_indicator": "widget-title" + }, + "target_element": + { + "element_treatment": "remove", + "target_distance_from_matching": 0 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "CN=TSG", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_subid_http_substr_url_substr_reqbody_hex_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_subid_http_substr_url_substr_reqbody_hex_whole_file_mark.py new file mode 100644 index 000000000..2053fddbf --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_subid_http_substr_url_substr_reqbody_hex_whole_file_mark.py @@ -0,0 +1,272 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_BODY", + "name": "manipulation_keywords_request_body", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "|746573745F726571756573745F626F6479|" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "test_request_body", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_subid_xly_fqdn_http_substr_url_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_subid_xly_fqdn_http_substr_url_whole_file_mark.py new file mode 100644 index 000000000..656e77126 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_subid_xly_fqdn_http_substr_url_whole_file_mark.py @@ -0,0 +1,272 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.python.org$" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/blogs/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_substr_fqdn_http_substr_url_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_substr_fqdn_http_substr_url_whole_file_mark.py new file mode 100644 index 000000000..a36303b32 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_substr_fqdn_http_substr_url_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python.org" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/blogs/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_suff_fqdn_http_substr_url_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_suff_fqdn_http_substr_url_whole_file_mark.py new file mode 100644 index 000000000..6dda8b8ae --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_suff_fqdn_http_substr_url_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": ".python.org$" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/blogs/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_editelement_srcip_xly_fqdn_http_substr_url_whole_file_mark.py b/tests/manipulation/man_modify_editelement_srcip_xly_fqdn_http_substr_url_whole_file_mark.py new file mode 100644 index 000000000..876b8cff6 --- /dev/null +++ b/tests/manipulation/man_modify_editelement_srcip_xly_fqdn_http_substr_url_whole_file_mark.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.python.org$" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "edit_element", + "rules": [ + { + "anchor_element": + { + "contained_keyword": "Python", + "search_scope": "whole_file" + }, + "target_element": + { + "element_treatment": "mark", + "target_distance_from_matching": 1 + } + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --compressed --connect-timeout 30 --max-time 60 https://www.python.org/blogs/" + } + + verification_result = { + "excepted_traffic_result": "need_filter", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/blogs/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectcss_srcip_http_2item_in_url.py b/tests/manipulation/man_modify_injectcss_srcip_http_2item_in_url.py new file mode 100644 index 000000000..cc9bc4d2c --- /dev/null +++ b/tests/manipulation/man_modify_injectcss_srcip_http_2item_in_url.py @@ -0,0 +1,235 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }, + { + "op": "add", + "expr_type": "and", + "expression": "google" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_css", + "css_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_css_1.css" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "background:Gray,CN=TSG", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectcss_srcip_http_substr_url.py b/tests/manipulation/man_modify_injectcss_srcip_http_substr_url.py new file mode 100644 index 000000000..06179b99c --- /dev/null +++ b/tests/manipulation/man_modify_injectcss_srcip_http_substr_url.py @@ -0,0 +1,230 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_css", + "css_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_css_1.css" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "background:Gray,CN=TSG", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectcss_srcip_http_substr_url_datacenter.py b/tests/manipulation/man_modify_injectcss_srcip_http_substr_url_datacenter.py new file mode 100644 index 000000000..699914dfa --- /dev/null +++ b/tests/manipulation/man_modify_injectcss_srcip_http_substr_url_datacenter.py @@ -0,0 +1,242 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_css", + "css_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_css_1.css" + } + }, + "effective_range": { + "tag_sets": [ + [ + { + "tag": "data_center", + "value": [ + "center-xxg-tsgx" + ] + } + ] + ] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "background:Gray,CN=TSG", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_2item_in_fqdn_http_substr_url.py b/tests/manipulation/man_modify_injectjs_srcip_2item_in_fqdn_http_substr_url.py new file mode 100644 index 000000000..547c675c6 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_2item_in_fqdn_http_substr_url.py @@ -0,0 +1,253 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu.com" + }, + { + "op": "add", + "expr_type": "and", + "expression": "google.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_dstip_http_substr_url.py b/tests/manipulation/man_modify_injectjs_srcip_dstip_http_substr_url.py new file mode 100644 index 000000000..9029a56f4 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_dstip_http_substr_url.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_DESTINATION_IP", + "name": "manipulation_destination_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": "192.168.40.206", + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_dstport_http_substr_url.py b/tests/manipulation/man_modify_injectjs_srcip_dstport_http_substr_url.py new file mode 100644 index 000000000..5fb303ffa --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_dstport_http_substr_url.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_DESTINATION_PORT", + "name": "manipulation_destination_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "443" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_extip_http_substr_url.py b/tests/manipulation/man_modify_injectjs_srcip_extip_http_substr_url.py new file mode 100644 index 000000000..934faf890 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_extip_http_substr_url.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_EXTERNAL_IP", + "name": "manipulation_external_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": "192.168.40.206", + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_extip_subid_http_substr_url.py b/tests/manipulation/man_modify_injectjs_srcip_extip_subid_http_substr_url.py new file mode 100644 index 000000000..4236099c3 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_extip_subid_http_substr_url.py @@ -0,0 +1,266 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_EXTERNAL_IP", + "name": "manipulation_external_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": "192.168.40.206", + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_extport_http_substr_url.py b/tests/manipulation/man_modify_injectjs_srcip_extport_http_substr_url.py new file mode 100644 index 000000000..3cb4d8772 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_extport_http_substr_url.py @@ -0,0 +1,246 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_EXTERNAL_PORT", + "name": "manipulation_external_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "443" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_8andmultisubstr_url_jsbeforepageload.py b/tests/manipulation/man_modify_injectjs_srcip_http_8andmultisubstr_url_jsbeforepageload.py new file mode 100644 index 000000000..3af1c05d8 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_8andmultisubstr_url_jsbeforepageload.py @@ -0,0 +1,231 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "www&.bai&du.&com/&www&baidu&com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_pre_url_jsbeforepageload.py b/tests/manipulation/man_modify_injectjs_srcip_http_pre_url_jsbeforepageload.py new file mode 100644 index 000000000..a6be18839 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_pre_url_jsbeforepageload.py @@ -0,0 +1,231 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url.py new file mode 100644 index 000000000..408ad76fb --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url.py @@ -0,0 +1,231 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_2item_in_reqheader_by_ua.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_2item_in_reqheader_by_ua.py new file mode 100644 index 000000000..9b7024680 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_2item_in_reqheader_by_ua.py @@ -0,0 +1,253 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }, + { + "op": "add", + "expr_type": "and", + "expression": "testaa" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_2item_in_resheader_by_ct.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_2item_in_resheader_by_ct.py new file mode 100644 index 000000000..7726ee5f5 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_2item_in_resheader_by_ct.py @@ -0,0 +1,253 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }, + { + "op": "add", + "expr_type": "and", + "expression": "testaaa" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua_jsafterpageload.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua_jsafterpageload.py new file mode 100644 index 000000000..3a0984f6c --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua_jsafterpageload.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Wget&Windows&Win64&AppleWebKit&AppleWebKit&Gecko&Gecko" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_body", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_8andmultisubstr_resheader_by_ct_jsbeforepageload.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_8andmultisubstr_resheader_by_ct_jsbeforepageload.py new file mode 100644 index 000000000..df5de2383 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_8andmultisubstr_resheader_by_ct_jsbeforepageload.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text&html&html&charset&charset&UTF-8&UTF" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html;charset=UTF-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_jsafterpageload.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_jsafterpageload.py new file mode 100644 index 000000000..f514b02cd --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_jsafterpageload.py @@ -0,0 +1,231 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_body", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_pre_reqheader_by_ua_jsafterpageload.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_pre_reqheader_by_ua_jsafterpageload.py new file mode 100644 index 000000000..703e44c63 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_pre_reqheader_by_ua_jsafterpageload.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^Wget" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_body", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_pre_reqheader_by_ua_jsafterpageload_logall.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_pre_reqheader_by_ua_jsafterpageload_logall.py new file mode 100644 index 000000000..3f804fbcb --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_pre_reqheader_by_ua_jsafterpageload_logall.py @@ -0,0 +1,250 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^Wget" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_body", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"}, + {"query_field_key": "http_request_body", "query_value": True}, + {"query_field_key": "http_response_body", "query_value": True} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_pre_resheader_by_ct_jsbeforepageload.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_pre_resheader_by_ct_jsbeforepageload.py new file mode 100644 index 000000000..6d69b3c90 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_pre_resheader_by_ct_jsbeforepageload.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html;charset=UTF-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_reqheader_by_cookie.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_reqheader_by_cookie.py new file mode 100644 index 000000000..22fbfd370 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_reqheader_by_cookie.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "tmp_tsg_cookie" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_cookie", "query_value": "test_name=tmp_tsg_cookie"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_reqheader_by_ua.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_reqheader_by_ua.py new file mode 100644 index 000000000..bd74412da --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_reqheader_by_ua.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_reqheader_hex_by_cookie.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_reqheader_hex_by_cookie.py new file mode 100644 index 000000000..3d843f220 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_reqheader_hex_by_cookie.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "|746D705F7473675F636F6F6B6965|" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_cookie", "query_value": "test_name=tmp_tsg_cookie"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_reqheader_regex_by_ua.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_reqheader_regex_by_ua.py new file mode 100644 index 000000000..10f091bb2 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_reqheader_regex_by_ua.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "regex", + "expression": r"c\S\Sl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_resheader_by_ct.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_resheader_by_ct.py new file mode 100644 index 000000000..fe3062caf --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_resheader_by_ct.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_resheader_by_setcookie.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_resheader_by_setcookie.py new file mode 100644 index 000000000..e7398df04 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_resheader_by_setcookie.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "test_setcook" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_set_cookie", "query_value": "test_setcook"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_resheader_hex_by_setcookie.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_resheader_hex_by_setcookie.py new file mode 100644 index 000000000..00bad4cea --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_resheader_hex_by_setcookie.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "|746573745F736574636F6F6B|" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_set_cookie", "query_value": "test_setcook"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_resheader_regex_by_ct.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_resheader_regex_by_ct.py new file mode 100644 index 000000000..5541e7175 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_substr_resheader_regex_by_ct.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "regex", + "expression": r"text/\S\S\Sl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_suff_reqheader_by_ua_jsafterpageload.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_suff_reqheader_by_ua_jsafterpageload.py new file mode 100644 index 000000000..03a7dc32c --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_suff_reqheader_by_ua_jsafterpageload.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_body", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_suff_resheader_by_ct_jsbeforepageload.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_suff_resheader_by_ct_jsbeforepageload.py new file mode 100644 index 000000000..1a6319fa8 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_suff_resheader_by_ct_jsbeforepageload.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "charset=UTF-8$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html;charset=UTF-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_xly_reqheader_by_ua_jsafterpageload.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_xly_reqheader_by_ua_jsafterpageload.py new file mode 100644 index 000000000..c71d0249c --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_xly_reqheader_by_ua_jsafterpageload.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_body", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_xly_resheader_by_ct_jsbeforepageload.py b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_xly_resheader_by_ct_jsbeforepageload.py new file mode 100644 index 000000000..ac76ee7e2 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_substr_url_xly_resheader_by_ct_jsbeforepageload.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^text/html;charset=UTF-8$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html;charset=UTF-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_suff_url_jsbeforepageload.py b/tests/manipulation/man_modify_injectjs_srcip_http_suff_url_jsbeforepageload.py new file mode 100644 index 000000000..ee10d9111 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_suff_url_jsbeforepageload.py @@ -0,0 +1,231 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu.com/$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_http_xly_url_jsbeforepageload.py b/tests/manipulation/man_modify_injectjs_srcip_http_xly_url_jsbeforepageload.py new file mode 100644 index 000000000..a3dda1550 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_http_xly_url_jsbeforepageload.py @@ -0,0 +1,231 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu.com/$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_intip_http_substr_url.py b/tests/manipulation/man_modify_injectjs_srcip_intip_http_substr_url.py new file mode 100644 index 000000000..0fab20175 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_intip_http_substr_url.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_INTERNAL_IP", + "name": "manipulation_internal_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_intport_http_substr_url.py b/tests/manipulation/man_modify_injectjs_srcip_intport_http_substr_url.py new file mode 100644 index 000000000..f8202e5cc --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_intport_http_substr_url.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_INTERNAL_PORT", + "name": "manipulation_internal_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "1000-65530" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_pre_fqdn_http_substr_url_jsbeforepageload.py b/tests/manipulation/man_modify_injectjs_srcip_pre_fqdn_http_substr_url_jsbeforepageload.py new file mode 100644 index 000000000..c204794b9 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_pre_fqdn_http_substr_url_jsbeforepageload.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu." + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_srcport_http_substr_url.py b/tests/manipulation/man_modify_injectjs_srcip_srcport_http_substr_url.py new file mode 100644 index 000000000..132e10a38 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_srcport_http_substr_url.py @@ -0,0 +1,247 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_PORT", + "name": "manipulation_src_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "1000-65530" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_subid_http_substr_url_pre_reqheader_by_ua_jsafterpageload.py b/tests/manipulation/man_modify_injectjs_srcip_subid_http_substr_url_pre_reqheader_by_ua_jsafterpageload.py new file mode 100644 index 000000000..b5d33cfa5 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_subid_http_substr_url_pre_reqheader_by_ua_jsafterpageload.py @@ -0,0 +1,265 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^Wget (Win" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_body", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_subid_http_substr_url_substr_resheader_by_ct.py b/tests/manipulation/man_modify_injectjs_srcip_subid_http_substr_url_substr_resheader_by_ct.py new file mode 100644 index 000000000..7be009e00 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_subid_http_substr_url_substr_resheader_by_ct.py @@ -0,0 +1,265 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_substr_fqdn_http_substr_url.py b/tests/manipulation/man_modify_injectjs_srcip_substr_fqdn_http_substr_url.py new file mode 100644 index 000000000..2a3f62ced --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_substr_fqdn_http_substr_url.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_substr_fqdn_http_substr_url_substr_reqheader_by_ua_substr_resheader_by_ct.py b/tests/manipulation/man_modify_injectjs_srcip_substr_fqdn_http_substr_url_substr_reqheader_by_ua_substr_resheader_by_ct.py new file mode 100644 index 000000000..4fe16db30 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_substr_fqdn_http_substr_url_substr_reqheader_by_ua_substr_resheader_by_ct.py @@ -0,0 +1,282 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_suff_fqdn_http_substr_url_jsbeforepageload.py b/tests/manipulation/man_modify_injectjs_srcip_suff_fqdn_http_substr_url_jsbeforepageload.py new file mode 100644 index 000000000..b239b4bec --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_suff_fqdn_http_substr_url_jsbeforepageload.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": ".baidu.com$" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_head", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_injectjs_srcip_xly_fqdn_http_substr_url_jsafterpageload.py b/tests/manipulation/man_modify_injectjs_srcip_xly_fqdn_http_substr_url_jsafterpageload.py new file mode 100644 index 000000000..f69acc1c3 --- /dev/null +++ b/tests/manipulation/man_modify_injectjs_srcip_xly_fqdn_http_substr_url_jsafterpageload.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu.com$" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "inject_javascript", + "injection_section": "html_body", + "js_file": + { + "name": "manipulation_insert_profile", + "file_path": "insert_js_1.js" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "test_case_javascript", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_2item_in_fqdn_http_substr_url.py b/tests/manipulation/man_modify_replacefile_srcip_2item_in_fqdn_http_substr_url.py new file mode 100644 index 000000000..a3e424e8d --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_2item_in_fqdn_http_substr_url.py @@ -0,0 +1,254 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu.com" + }, + { + "op": "add", + "expr_type": "and", + "expression": "google.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_dstip_http_substr_url.py b/tests/manipulation/man_modify_replacefile_srcip_dstip_http_substr_url.py new file mode 100644 index 000000000..7e872e915 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_dstip_http_substr_url.py @@ -0,0 +1,250 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_DESTINATION_IP", + "name": "manipulation_destination_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": "192.168.40.206", + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_dstport_http_substr_url.py b/tests/manipulation/man_modify_replacefile_srcip_dstport_http_substr_url.py new file mode 100644 index 000000000..21ea384e4 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_dstport_http_substr_url.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_DESTINATION_PORT", + "name": "manipulation_destination_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "443" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_extip_http_substr_url.py b/tests/manipulation/man_modify_replacefile_srcip_extip_http_substr_url.py new file mode 100644 index 000000000..ddf5892c8 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_extip_http_substr_url.py @@ -0,0 +1,250 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_EXTERNAL_IP", + "name": "manipulation_external_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": "192.168.40.206", + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_extport_http_substr_url.py b/tests/manipulation/man_modify_replacefile_srcip_extport_http_substr_url.py new file mode 100644 index 000000000..75e264c77 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_extport_http_substr_url.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_DESTINATION_PORT", + "name": "manipulation_destination_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "443" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_1_1_pre_url.py b/tests/manipulation/man_modify_replacefile_srcip_http_1_1_pre_url.py new file mode 100644 index 000000000..0c788dd79 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_1_1_pre_url.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu." + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --http1.1 -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style,HTTP/1.1", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_request_line", "query_value": "GET www.baidu.com/ HTTP/1.1"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_2_pre_url.py b/tests/manipulation/man_modify_replacefile_srcip_http_2_pre_url.py new file mode 100644 index 000000000..1f2e615ae --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_2_pre_url.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.caltech." + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --http2 -kv --connect-timeout 30 --max-time 60 https://www.caltech.edu/" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.caltech.edu"}, + {"query_field_key": "http_url", "query_value": "www.caltech.edu/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_2item_in_url.py b/tests/manipulation/man_modify_replacefile_srcip_http_2item_in_url.py new file mode 100644 index 000000000..1a2704fb6 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_2item_in_url.py @@ -0,0 +1,237 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }, + { + "op": "add", + "expr_type": "and", + "expression": "google" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_8andmultisubstr_url.py b/tests/manipulation/man_modify_replacefile_srcip_http_8andmultisubstr_url.py new file mode 100644 index 000000000..f446c661b --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_8andmultisubstr_url.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "www&.bai&du.&com/&www&baidu&com&baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_pre_url.py b/tests/manipulation/man_modify_replacefile_srcip_http_pre_url.py new file mode 100644 index 000000000..b252eb078 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_pre_url.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu." + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_sub_fqdn_sub_url_sub_reqheader_by_ua_sub_resheader_by_ct.py b/tests/manipulation/man_modify_replacefile_srcip_http_sub_fqdn_sub_url_sub_reqheader_by_ua_sub_resheader_by_ct.py new file mode 100644 index 000000000..d637ff367 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_sub_fqdn_sub_url_sub_reqheader_by_ua_sub_resheader_by_ct.py @@ -0,0 +1,283 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url.py new file mode 100644 index 000000000..e721dfbeb --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_2item_in_reqheader_by_ua.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_2item_in_reqheader_by_ua.py new file mode 100644 index 000000000..f2a98f309 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_2item_in_reqheader_by_ua.py @@ -0,0 +1,254 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }, + { + "op": "add", + "expr_type": "and", + "expression": "testaa" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_2item_in_resheader_by_ct.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_2item_in_resheader_by_ct.py new file mode 100644 index 000000000..ebb3b54c4 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_2item_in_resheader_by_ct.py @@ -0,0 +1,254 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }, + { + "op": "add", + "expr_type": "and", + "expression": "testaa" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua.py new file mode 100644 index 000000000..4585cff94 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Wget&Windows&Win64&AppleWebKit&AppleWebKit&Gecko&Gecko&Wget" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_8andmultisubstr_resheader_by_ct.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_8andmultisubstr_resheader_by_ct.py new file mode 100644 index 000000000..786c4fc2d --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_8andmultisubstr_resheader_by_ct.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text&html&html&charset&charset&UTF&UTF&text" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html;charset=UTF-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_datacenter.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_datacenter.py new file mode 100644 index 000000000..cc8adb922 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_datacenter.py @@ -0,0 +1,244 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + }, + "effective_range": { + "tag_sets": [ + [ + { + "tag": "data_center", + "value": [ + "center-xxg-tsgx" + ] + } + ] + ] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefileapk.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefileapk.py new file mode 100644 index 000000000..bea4fb491 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefileapk.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_apk_1.apk", + "content_name": "hijack_apk_1.apk", + "content_type": "application/vnd.android.package-archive" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.baidu.com --output test1.1" + } + + verification_result = { + "excepted_traffic_result": "hijack_apk_1.apk", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefileexe.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefileexe.py new file mode 100644 index 000000000..7dc64208b --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefileexe.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_exe_1.exe", + "content_name": "hijack_exe_1.exe", + "content_type": "application/x-msdos-program" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.baidu.com --output test1.1" + } + + verification_result = { + "excepted_traffic_result": "hijack_exe_1.exe", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefilegif.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefilegif.py new file mode 100644 index 000000000..0e34241ae --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefilegif.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_gif_1.gif", + "content_name": "hijack_gif_1.gif", + "content_type": "image/gif" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.baidu.com --output test1.1" + } + + verification_result = { + "excepted_traffic_result": "hijack_gif_1.gif", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefilejpeg.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefilejpeg.py new file mode 100644 index 000000000..c1ecdce2f --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefilejpeg.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_jpeg_1.jpeg", + "content_name": "hijack_jpeg_1.jpeg", + "content_type": "image/jpeg" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.baidu.com --output test1.1" + } + + verification_result = { + "excepted_traffic_result": "hijack_jpeg_1.jpeg", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefilepng.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefilepng.py new file mode 100644 index 000000000..d9326bb25 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefilepng.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_png_1.png", + "content_name": "hijack_png_1.png", + "content_type": "image/png" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.baidu.com --output test1.1" + } + + verification_result = { + "excepted_traffic_result": "hijack_png_1.png", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefilesvg.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefilesvg.py new file mode 100644 index 000000000..0f31b08c5 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_modify_replacefilesvg.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_svg_1.svg", + "content_name": "hijack_svg_1.svg", + "content_type": "image/svg+xml" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.baidu.com --output test1.1" + } + + verification_result = { + "excepted_traffic_result": "hijack_svg_1.svg", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_pre_reqheader_by_ua.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_pre_reqheader_by_ua.py new file mode 100644 index 000000000..74d30a02d --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_pre_reqheader_by_ua.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^Wget" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_pre_resheader_by_ct.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_pre_resheader_by_ct.py new file mode 100644 index 000000000..82c421223 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_pre_resheader_by_ct.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html;charset=UTF-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_reqheader_by_cookie.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_reqheader_by_cookie.py new file mode 100644 index 000000000..462bb95f6 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_reqheader_by_cookie.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "tmp_tsg_cookie" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_cookie", "query_value": "test_name=tmp_tsg_cookie"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_reqheader_by_ua.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_reqheader_by_ua.py new file mode 100644 index 000000000..2b7db98ea --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_reqheader_by_ua.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_reqheader_hex_by_ua.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_reqheader_hex_by_ua.py new file mode 100644 index 000000000..db73d916b --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_reqheader_hex_by_ua.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "|6375726C|" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_reqheader_regex_by_ua.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_reqheader_regex_by_ua.py new file mode 100644 index 000000000..2894e493d --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_reqheader_regex_by_ua.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "regex", + "expression": "c\S\Sl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_resheader_by_ct.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_resheader_by_ct.py new file mode 100644 index 000000000..69544fca8 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_resheader_by_ct.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_resheader_by_setcookie.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_resheader_by_setcookie.py new file mode 100644 index 000000000..aba81ced2 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_resheader_by_setcookie.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "test_setcook" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_set_cookie", "query_value": "test_setcook"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_resheader_hex_by_ct.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_resheader_hex_by_ct.py new file mode 100644 index 000000000..0614374f4 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_resheader_hex_by_ct.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "|746578742F68746D6C|" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_resheader_regex_by_ct.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_resheader_regex_by_ct.py new file mode 100644 index 000000000..16e79ca6c --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_substr_resheader_regex_by_ct.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "regex", + "expression": r"text/\S\S\Sl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_suff_reqheader_by_ua.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_suff_reqheader_by_ua.py new file mode 100644 index 000000000..3ec7e0120 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_suff_reqheader_by_ua.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_suff_resheader_by_ct.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_suff_resheader_by_ct.py new file mode 100644 index 000000000..9efb45630 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_suff_resheader_by_ct.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "charset=UTF-8$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html;charset=UTF-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_xly_reqheader_by_ua.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_xly_reqheader_by_ua.py new file mode 100644 index 000000000..05c8236ca --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_xly_reqheader_by_ua.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_xly_resheader_by_ct.py b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_xly_resheader_by_ct.py new file mode 100644 index 000000000..4667ccce0 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_substr_url_xly_resheader_by_ct.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^text/html;charset=UTF-8$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html;charset=UTF-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_suff_url.py b/tests/manipulation/man_modify_replacefile_srcip_http_suff_url.py new file mode 100644 index 000000000..f134eb870 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_suff_url.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu.com/$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_http_xly_url.py b/tests/manipulation/man_modify_replacefile_srcip_http_xly_url.py new file mode 100644 index 000000000..76b18f8b7 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_http_xly_url.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu.com/$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_intip_http_substr_url.py b/tests/manipulation/man_modify_replacefile_srcip_intip_http_substr_url.py new file mode 100644 index 000000000..5b56ea43a --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_intip_http_substr_url.py @@ -0,0 +1,250 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_INTERNAL_IP", + "name": "manipulation_internal_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_intport_http_substr_url.py b/tests/manipulation/man_modify_replacefile_srcip_intport_http_substr_url.py new file mode 100644 index 000000000..b0f184b56 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_intport_http_substr_url.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_INTERNAL_PORT", + "name": "manipulation_internal_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "1000-65530" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_pre_fqdn_http_substr_url.py b/tests/manipulation/man_modify_replacefile_srcip_pre_fqdn_http_substr_url.py new file mode 100644 index 000000000..d2d815315 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_pre_fqdn_http_substr_url.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu." + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_srcport_http_substr_url.py b/tests/manipulation/man_modify_replacefile_srcip_srcport_http_substr_url.py new file mode 100644 index 000000000..30ba6886e --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_srcport_http_substr_url.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_PORT", + "name": "manipulation_src_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "1000-65530" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_subid_http_sub_fqdn_sub_url_sub_reqheader_by_ua_sub_resheader_by_ct.py b/tests/manipulation/man_modify_replacefile_srcip_subid_http_sub_fqdn_sub_url_sub_reqheader_by_ua_sub_resheader_by_ct.py new file mode 100644 index 000000000..ba6d01f27 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_subid_http_sub_fqdn_sub_url_sub_reqheader_by_ua_sub_resheader_by_ct.py @@ -0,0 +1,300 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_subid_http_substr_url_modify_replacefilegif.py b/tests/manipulation/man_modify_replacefile_srcip_subid_http_substr_url_modify_replacefilegif.py new file mode 100644 index 000000000..9d75ce355 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_subid_http_substr_url_modify_replacefilegif.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_gif_1.gif", + "content_name": "hijack_gif_1.gif", + "content_type": "image/gif" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.baidu.com --output test1.1" + } + + verification_result = { + "excepted_traffic_result": "hijack_gif_1.gif", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_subid_http_substr_url_substr_reqheader_hex_by_ua.py b/tests/manipulation/man_modify_replacefile_srcip_subid_http_substr_url_substr_reqheader_hex_by_ua.py new file mode 100644 index 000000000..0de0d79d6 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_subid_http_substr_url_substr_reqheader_hex_by_ua.py @@ -0,0 +1,266 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "|6375726C|" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_subid_http_substr_url_substr_resheader_by_setcookie.py b/tests/manipulation/man_modify_replacefile_srcip_subid_http_substr_url_substr_resheader_by_setcookie.py new file mode 100644 index 000000000..609507cf4 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_subid_http_substr_url_substr_resheader_by_setcookie.py @@ -0,0 +1,266 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "test_setcook" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_set_cookie", "query_value": "test_setcook"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_substr_fqdn_http_substr_url.py b/tests/manipulation/man_modify_replacefile_srcip_substr_fqdn_http_substr_url.py new file mode 100644 index 000000000..0c44751c7 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_substr_fqdn_http_substr_url.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_suff_fqdn_http_substr_url.py b/tests/manipulation/man_modify_replacefile_srcip_suff_fqdn_http_substr_url.py new file mode 100644 index 000000000..3178ae741 --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_suff_fqdn_http_substr_url.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": ".baidu.com$" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacefile_srcip_xly_fqdn_http_substr_url.py b/tests/manipulation/man_modify_replacefile_srcip_xly_fqdn_http_substr_url.py new file mode 100644 index 000000000..39661bcce --- /dev/null +++ b/tests/manipulation/man_modify_replacefile_srcip_xly_fqdn_http_substr_url.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.baidu.com$" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_file", + "replacement_file": + { + "name": "manipulation_hijack_profile", + "file_path": "hijack_html_1.html", + "content_name": "hijack_html_1.html", + "content_type": "text/html" + } + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl -kv --connect-timeout 30 --max-time 60 https://www.baidu.com" + } + + verification_result = { + "excepted_traffic_result": "this.piece.style", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.baidu.com"}, + {"query_field_key": "http_url", "query_value": "www.baidu.com/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_2item_in_fqdn_http_substr_url_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_2item_in_fqdn_http_substr_url_search_in_uri.py new file mode 100644 index 000000000..52583d216 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_2item_in_fqdn_http_substr_url_search_in_uri.py @@ -0,0 +1,254 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }, + { + "op": "add", + "expr_type": "and", + "expression": "baidu" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_dstport_http_substr_url_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_dstport_http_substr_url_search_in_uri.py new file mode 100644 index 000000000..5c161f1b9 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_dstport_http_substr_url_search_in_uri.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_DESTINATION_PORT", + "name": "manipulation_destination_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "443" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_extport_http_substr_url_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_extport_http_substr_url_search_in_uri.py new file mode 100644 index 000000000..a94d8ff3b --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_extport_http_substr_url_search_in_uri.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_EXTERNAL_PORT", + "name": "manipulation_external_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "443" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_2item_in_url_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_2item_in_url_search_in_response_body.py new file mode 100644 index 000000000..ff9ecb667 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_2item_in_url_search_in_response_body.py @@ -0,0 +1,237 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }, + { + "op": "add", + "expr_type": "and", + "expression": "baidu.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "replace_test_res_content" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_res_content", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_8andmultisubstr_url_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_8andmultisubstr_url_search_in_response_body.py new file mode 100644 index 000000000..2473ec5a3 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_8andmultisubstr_url_search_in_response_body.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com&open.node.com&open.node.com&open.node.com&open.node.com&open.node.com&open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "replace_test_res_content" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_res_content", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_url", "query_value": "open.node.com:1443/go"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_pre_url_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_pre_url_search_in_response_body.py new file mode 100644 index 000000000..f55e3fdb5 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_pre_url_search_in_response_body.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^open.node" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "replace_test_res_content" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_res_content", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_url", "query_value": "open.node.com:1443/go"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_2item_in_reqheader_by_ua_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_2item_in_reqheader_by_ua_search_in_uri.py new file mode 100644 index 000000000..dba6c7dad --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_2item_in_reqheader_by_ua_search_in_uri.py @@ -0,0 +1,254 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Safari/537.36" + }, + { + "op": "add", + "expr_type": "and", + "expression": "testaaa" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_2item_in_resheader_by_ct_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_2item_in_resheader_by_ct_search_in_response_body.py new file mode 100644 index 000000000..562d05720 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_2item_in_resheader_by_ct_search_in_response_body.py @@ -0,0 +1,254 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "charset=UTF-8" + }, + { + "op": "add", + "expr_type": "and", + "expression": "testaaa" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "documentation_test_case" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "documentation_test_case", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html;charset=UTF-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua_search_in_uri.py new file mode 100644 index 000000000..71504891e --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_8andmultisubstr_reqheader_by_ua_search_in_uri.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Wget&Windows&Chrome&Safari&Win64&AppleWebKit&KHTML" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_8andmultisubstr_resheader_by_ct_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_8andmultisubstr_resheader_by_ct_search_in_response_body.py new file mode 100644 index 000000000..cfcc228c4 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_8andmultisubstr_resheader_by_ct_search_in_response_body.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text&html&charset&UTF-8&text/html&;char&set=" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "documentation_test_case" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "documentation_test_case", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html;charset=UTF-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_pre_reqheader_by_ua_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_pre_reqheader_by_ua_search_in_uri.py new file mode 100644 index 000000000..4034c832e --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_pre_reqheader_by_ua_search_in_uri.py @@ -0,0 +1,255 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }, + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "PyPI", + "replace_with": "replace_pypi" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "replace_pypi", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_pre_reqheader_by_ua_search_in_uri_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_pre_reqheader_by_ua_search_in_uri_response_body.py new file mode 100644 index 000000000..6efeb5cb9 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_pre_reqheader_by_ua_search_in_uri_response_body.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_pre_resheader_by_ct_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_pre_resheader_by_ct_search_in_response_body.py new file mode 100644 index 000000000..44c3bf164 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_pre_resheader_by_ct_search_in_response_body.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "charset=UTF-8$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "documentation_test_case" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "documentation_test_case", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html;charset=UTF-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_request_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_request_body.py new file mode 100644 index 000000000..61450b264 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_request_body.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 1, + "search_in": "http_req_body", + "find": "test_request_body", + "replace_with": "replace_test_req_content" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_req_content", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_request_header.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_request_header.py new file mode 100644 index 000000000..2e546f988 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_request_header.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 1, + "search_in": "http_req_header", + "find": "Chrome/78.0.\d*.\d*\sSafari", + "replace_with": "Chrome/78.0.4905.80 Safari" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_req_content", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_response_body.py new file mode 100644 index 000000000..1de73e0cd --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_response_body.py @@ -0,0 +1,233 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "www.8684.cn" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 1, + "search_in": "http_resp_body", + "find": r"[0-9]{3}-[\d]{8}", + #"find": r"\s[0-9]{3}-[\d]{8}\s", + "replace_with": "aaa-bbbbbbbb" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.8684.cn/code_c_114", + } + + verification_result = { + "excepted_traffic_result": "aaa-bbbbbbbb", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.8684.cn"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_response_body_2.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_response_body_2.py new file mode 100644 index 000000000..c4073f5cb --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_response_body_2.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "www.libertyfund.org" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 1, + "search_in": "http_resp_body", + "find": r'http\S*\.jpg', + "replace_with": "https://www.baidu.com/img/PCtm_d9c8750bed0b3c7d089fa7d55720d6cf.png" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.libertyfund.org/" + } + + verification_result = { + "excepted_traffic_result": "www.baidu.com/img", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.libertyfund.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_response_header.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_response_header.py new file mode 100644 index 000000000..56ab19d63 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_response_header.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 1, + "search_in": "http_resp_header", + "find": "test_\S\S\Scook", + "replace_with": "test_replace_regex_ok" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "test_replace_regex_ok", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_uri.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_uri.py new file mode 100644 index 000000000..e87c7dc88 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_regex_uri.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "www.cheaptickets.nl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 1, + "search_in": "http_req_uri", + "find": "(ei).*(en)", + "replace_with": "fietsroutes" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.cheaptickets.nl/vliegtickets/kroatie/eilanden" + } + + verification_result = { + "excepted_traffic_result": "kleinste", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.cheaptickets.nl"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_body.py new file mode 100644 index 000000000..acd266f99 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_body.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_body", + "find": "test_request_body", + "replace_with": "replace_test_req_content" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_req_content", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_body_and_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_body_and_response_body.py new file mode 100644 index 000000000..6ea4fe3df --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_body_and_response_body.py @@ -0,0 +1,238 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_body", + "find": "test_request_body", + "replace_with": "replace_test_req_content" + }, + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "replace_test_res_resbody" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_req_content,replace_test_res_resbody", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_body_logall.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_body_logall.py new file mode 100644 index 000000000..c7b4079ea --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_body_logall.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_body", + "find": "test_request_body", + "replace_with": "replace_test_req_content" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_req_content", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_header.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_header.py new file mode 100644 index 000000000..d2ebc3345 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_header.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_header", + "find": "78.0.3904.70", + "replace_with": "88.0.3904.80" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "test_request_body", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_header_and_response_header.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_header_and_response_header.py new file mode 100644 index 000000000..d3be8863c --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_header_and_response_header.py @@ -0,0 +1,238 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_header", + "find": "tmp_tsg_cookie", + "replace_with": "replace_test_tsg_cookie_cont" + }, + { + "regex_enable": 0, + "search_in": "http_resp_header", + "find": "test_setcook", + "replace_with": "replace_test_setcook_cont" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "test_resbody", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_header_request_body_and_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_header_request_body_and_response_body.py new file mode 100644 index 000000000..d4194eb60 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_request_header_request_body_and_response_body.py @@ -0,0 +1,244 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_header", + "find": "tmp_tsg_cookie", + "replace_with": "replace_test_tsg_cookie_cont" + }, + { + "regex_enable": 0, + "search_in": "http_req_body", + "find": "test_request_body", + "replace_with": "replace_test_req_content" + }, + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "replace_test_res_resbody" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_req_content,replace_test_res_resbody", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_response_body.py new file mode 100644 index 000000000..128da63ee --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_response_body.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "replace_test_res_content" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_res_content", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_response_header.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_response_header.py new file mode 100644 index 000000000..a4e375908 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_response_header.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_header", + "find": "test_setcook", + "replace_with": "replace_setcook_content" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_setcook_content", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_uri.py new file mode 100644 index 000000000..87e52d2da --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_search_in_uri.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_reqheader_by_ua_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_reqheader_by_ua_search_in_uri.py new file mode 100644 index 000000000..80f15357b --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_reqheader_by_ua_search_in_uri.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "curl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_reqheader_hex_by_ua_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_reqheader_hex_by_ua_search_in_uri.py new file mode 100644 index 000000000..7c161739e --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_reqheader_hex_by_ua_search_in_uri.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "|6375726C|" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_reqheader_regex_by_ua_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_reqheader_regex_by_ua_search_in_uri.py new file mode 100644 index 000000000..cfab3af9f --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_reqheader_regex_by_ua_search_in_uri.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "regex", + "expression": r"c\S\Sl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_resheader_by_ct_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_resheader_by_ct_search_in_response_body.py new file mode 100644 index 000000000..5d30a8207 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_resheader_by_ct_search_in_response_body.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "text/html" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "documentation", + "replace_with": "documentation_test_case" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "documentation_test_case", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_resheader_hex_by_ct_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_resheader_hex_by_ct_search_in_response_body.py new file mode 100644 index 000000000..872e4b5e2 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_resheader_hex_by_ct_search_in_response_body.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "|746578742F68746D6C|" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "documentation", + "replace_with": "documentation_test_case" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "documentation_test_case", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_resheader_regex_by_ct_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_resheader_regex_by_ct_search_in_response_body.py new file mode 100644 index 000000000..11a9d4f4f --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_substr_resheader_regex_by_ct_search_in_response_body.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "regex", + "expression": "text/\\S\\S\\Sl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "documentation", + "replace_with": "documentation_test_case" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "documentation_test_case", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_suff_reqheader_by_ua_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_suff_reqheader_by_ua_search_in_uri.py new file mode 100644 index 000000000..d2e0ffaa5 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_suff_reqheader_by_ua_search_in_uri.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_suff_resheader_by_ct_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_suff_resheader_by_ct_search_in_response_body.py new file mode 100644 index 000000000..a42180fa1 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_suff_resheader_by_ct_search_in_response_body.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "charset=UTF-8$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "documentation_test_case" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "documentation_test_case", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html;charset=UTF-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_xly_reqheader_by_ua_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_xly_reqheader_by_ua_search_in_uri.py new file mode 100644 index 000000000..6e5a21a54 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_xly_reqheader_by_ua_search_in_uri.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_user_agent", "query_value": "Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_xly_resheader_by_ct_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_xly_resheader_by_ct_search_in_response_body.py new file mode 100644 index 000000000..3e9313877 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_substr_url_xly_resheader_by_ct_search_in_response_body.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_RES_HDR", + "name": "manipulation_http_resheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^text/html;charset=UTF-8$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "documentation_test_case" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "documentation_test_case", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_response_content_type", "query_value": "text/html;charset=UTF-8"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_suff_url_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_suff_url_search_in_response_body.py new file mode 100644 index 000000000..8c6824ea5 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_suff_url_search_in_response_body.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "/go$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "replace_test_res_content" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_res_content", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_url", "query_value": "open.node.com:1443/go"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_suff_url_search_in_response_body_datacenter.py b/tests/manipulation/man_modify_replacetext_srcip_http_suff_url_search_in_response_body_datacenter.py new file mode 100644 index 000000000..1a9711352 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_suff_url_search_in_response_body_datacenter.py @@ -0,0 +1,244 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "/go$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "replace_test_res_content" + }] + }, + "effective_range": { + "tag_sets": [ + [ + { + "tag": "data_center", + "value": [ + "center-xxg-tsgx" + ] + } + ] + ] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_res_content", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_url", "query_value": "open.node.com:1443/go"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_http_xly_url_search_in_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_http_xly_url_search_in_response_body.py new file mode 100644 index 000000000..aa2337b18 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_http_xly_url_search_in_response_body.py @@ -0,0 +1,232 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^open.node.com:1443/go$" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "replace_test_res_content" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_res_content", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "http_url", "query_value": "open.node.com:1443/go"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_intip_http_substr_url_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_intip_http_substr_url_search_in_uri.py new file mode 100644 index 000000000..b5416d9ce --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_intip_http_substr_url_search_in_uri.py @@ -0,0 +1,250 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_INTERNAL_IP", + "name": "manipulation_internal_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_intport_http_substr_url_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_intport_http_substr_url_search_in_uri.py new file mode 100644 index 000000000..9e579be5d --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_intport_http_substr_url_search_in_uri.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_INTERNAL_PORT", + "name": "manipulation_internal_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "1000-65530" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_pre_fqdn_http_substr_url_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_pre_fqdn_http_substr_url_search_in_uri.py new file mode 100644 index 000000000..7893eb047 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_pre_fqdn_http_substr_url_search_in_uri.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.python." + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/doc/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_srcport_http_substr_url_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_srcport_http_substr_url_search_in_uri.py new file mode 100644 index 000000000..1c1ba5a25 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_srcport_http_substr_url_search_in_uri.py @@ -0,0 +1,248 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_PORT", + "name": "manipulation_src_port", + "type": "port", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "interval": "1000-65530" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_subid_http_substr_url_search_in_regex_uri.py b/tests/manipulation/man_modify_replacetext_srcip_subid_http_substr_url_search_in_regex_uri.py new file mode 100644 index 000000000..b51c6c8ea --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_subid_http_substr_url_search_in_regex_uri.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "www.cheaptickets.nl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 1, + "search_in": "http_req_uri", + "find": "(ei).*(en)", + "replace_with": "fietsroutes" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://www.cheaptickets.nl/vliegtickets/kroatie/eilanden" + } + + verification_result = { + "excepted_traffic_result": "kleinste", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.cheaptickets.nl"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_subid_http_substr_url_search_in_request_header_body_response_body.py b/tests/manipulation/man_modify_replacetext_srcip_subid_http_substr_url_search_in_request_header_body_response_body.py new file mode 100644 index 000000000..9f34c47a8 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_subid_http_substr_url_search_in_request_header_body_response_body.py @@ -0,0 +1,261 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "open.node.com" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_header", + "find": "tmp_tsg_cookie", + "replace_with": "replace_test_tsg_cookie_cont" + }, + { + "regex_enable": 0, + "search_in": "http_req_body", + "find": "test_request_body", + "replace_with": "replace_test_req_content" + }, + { + "regex_enable": 0, + "search_in": "http_resp_body", + "find": "test_resbody", + "replace_with": "replace_test_res_resbody" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --connect-timeout 30 -m 60 -H \"Content-Type:application/json;charset=UTF-8\" -b \"test_name=tmp_tsg_cookie\" -X POST -d \"{\\\"requestbody\\\":\\\"test_request_body\\\",\\\"setcook\\\":\\\"test_setcook\\\",\\\"contenttype\\\": \\\"test_cont\\\",\\\"responsebody\\\": \\\"test_resbody\\\"}\" -kv --user-agent \"Wget (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36\" https://open.node.com:1443/go" + } + + verification_result = { + "excepted_traffic_result": "replace_test_req_content,replace_test_res_resbody", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "open.node.com"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_subid_http_substr_url_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_subid_http_substr_url_search_in_uri.py new file mode 100644 index 000000000..c8660cfc3 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_subid_http_substr_url_search_in_uri.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_subid_http_substr_url_substr_reqheader_regex_by_ua_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_subid_http_substr_url_substr_reqheader_regex_by_ua_search_in_uri.py new file mode 100644 index 000000000..2466ec53b --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_subid_http_substr_url_substr_reqheader_regex_by_ua_search_in_uri.py @@ -0,0 +1,266 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SUBSCRIBER_ID", + "name": "manipulation_subid", + "type": "subscriberid", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^{}$".format(parameter["test_subcriber_id"]) + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_REQ_HDR", + "name": "manipulation_http_reqheader", + "type": "keyword", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "regex", + "expression": r"c\S\Sl" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_substr_fqdn_http_substr_url_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_substr_fqdn_http_substr_url_search_in_uri.py new file mode 100644 index 000000000..63721d2cc --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_substr_fqdn_http_substr_url_search_in_uri.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "decoded_as", "query_value": "HTTP"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_suff_fqdn_http_substr_url_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_suff_fqdn_http_substr_url_search_in_uri.py new file mode 100644 index 000000000..0209b79fb --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_suff_fqdn_http_substr_url_search_in_uri.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": ".python.org$" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/doc/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/man_modify_replacetext_srcip_xly_fqdn_http_substr_url_search_in_uri.py b/tests/manipulation/man_modify_replacetext_srcip_xly_fqdn_http_substr_url_search_in_uri.py new file mode 100644 index 000000000..92ec6fd16 --- /dev/null +++ b/tests/manipulation/man_modify_replacetext_srcip_xly_fqdn_http_substr_url_search_in_uri.py @@ -0,0 +1,249 @@ +# -*- coding: UTF-8 -*- +import os +import sys + +sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))) +import time +import pytz +from datetime import datetime +from support.ui_utils.workpath import workdir +from support.ui_utils.ui_client import UIClient +from support.api_utils.api_client import APIClient +from support.packet_generator.traffic_generator import * +from support.report_update import ReportUpdate + + +def run(parameter): + try: + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Begin to run test case: " + parameter["test_case_name"], flush=True) + + # 参数初始化 + result, exception_result = "", "" + test_summary = {} + + # 脚本启动时间 + script_start_time = time.time() + + policy_configuration = { + "name": parameter["test_case_name"], + "type": "proxy_manipulation", + "action": "modify", + "and_conditions": [ + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "name": "manipulation_source_ip", + "type": "ip", + "sub_type": "ip", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "ip": parameter["test_pc_ip"], + "interval": "0-65535" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_APP_ID", + "type": "application", + "items": ["http"] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_SERVER_FQDN", + "name": "manipulation_fqdn", + "type": "fqdn", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "^www.python.org$" + }] + }] + }, + { + "negate_option": False, + "or_conditions": [ + { + "attribute_name": "ATTR_HTTP_URL", + "name": "manipulation_url", + "type": "url", + "statistics_option": "none", + "member_type": "item", + "items": [ + { + "op": "add", + "expr_type": "and", + "expression": "python" + }] + }] + }], + "is_enabled": 1, + "log_option": "metadata", + "action_parameter": + { + "sub_action": "replace_text", + "rules": [ + { + "regex_enable": 0, + "search_in": "http_req_uri", + "find": "doc", + "replace_with": "community" + }] + } + } + + traffic_generation = { + "tool": "ssl", # or trex/http + "command": "curl --compressed -kv --connect-timeout 30 --max-time 60 https://www.python.org/doc/" + } + + verification_result = { + "excepted_traffic_result": "Weekly", + "expected_metric": {"hits": 1}, + "expected_log": [ + {"query_field_key": "http_host", "query_value": "www.python.org"}, + {"query_field_key": "http_url", "query_value": "www.python.org/doc/"} + ] + } + + # 创建 + objects_tuple, profiles_tuple, libraries_tuple, rules_tuple = None, None, None, None + if parameter["initiation_method"] == "ui": + ui_client = UIClient() + rules_tuple, ui_error = ui_client.create_rules(policy_configuration) + if len(ui_error) > 0: + return ui_error + elif parameter["initiation_method"] == "api": + api_client = APIClient(parameter) + # {uuid, type}, i.e., {"12341-232-a21", "ip"} + objects_tuple, api_error = api_client.create_objects(policy_configuration) + if len(api_error) > 0: + return api_error + profiles_tuple, api_error = api_client.create_profiles(policy_configuration) + if len(api_error) > 0: + return api_error + libraries_tuple, api_error = api_client.create_libraries(policy_configuration) + if len(api_error) > 0: + return api_error + rules_tuple, api_error = api_client.create_rules(policy_configuration, objects_tuple, libraries_tuple, profiles_tuple) + if len(api_error) > 0: + return api_error + + # 等待下发配置生效 + time.sleep(3) + + # 类实例化 + generator = TrafficGenerator() + + # 获取当前时间 + utc_tz = pytz.timezone('UTC') + current_utc_time = datetime.now(utc_tz) + start_time = current_utc_time.strftime('%Y-%m-%dT%H:%M:%SZ') + + # 触发流量 + traffic_result = generator.run(policy_configuration, traffic_generation) + + # 验证流量生成器的返回值是否符合策略执行的预期 + excepted_traffic_result, error = generator.result(verification_result, traffic_result) + if excepted_traffic_result == False: + return error + + # 提取Manipulation_rules用于查询 + tmp_rules_list = [] + for i in range(len(rules_tuple)): + if rules_tuple[i]["type"] == "proxy_manipulation": + tmp_rules_list.append(rules_tuple[i]) + tmp_rules_tuple = tuple(tmp_rules_list) + + # 验证tsg的日志是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + log_result = ui_client.query_rule_log(verification_result, tmp_rules_tuple, traffic_result) + elif parameter["initiation_method"] == "api": + log_result = api_client.query_rule_log(traffic_generation, verification_result, tmp_rules_tuple, start_time, traffic_result) + if log_result == True: + test_summary["log"] = "Pass." + elif log_result == False: + test_summary["log"] = "The failure reason: the returned log does not match the expected result." + elif log_result == None: + test_summary["log"] = "The failure reason: the returned log is empty." + elif len(log_result) > 0: + test_summary["log"] = log_result + + # 验证tsg的metric是否符合策略执行的预期 + if parameter["initiation_method"] == "ui": + metric_result = ui_client.query_rule_metric(verification_result, traffic_result) + elif parameter["initiation_method"] == "api": + metric_result = api_client.query_rule_metric(verification_result, tmp_rules_tuple, start_time, traffic_result) + if metric_result == True: + test_summary["metric"] = "Pass." + elif metric_result == False: + test_summary["metric"] = "The failure reason: the returned metric does not match the expected result." + elif metric_result == None: + test_summary["metric"] = "The failure reason: the returned metric is empty." + elif len(metric_result) > 0: + test_summary["metric"] = metric_result + + return test_summary + except Exception as e: + exception_result = str(e) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "When running test case, the exception error: ", str(e), flush=True) + return "When running test case, the exception error: " + str(e) + finally: + # 删除 + if parameter["initiation_method"] == "ui": + if rules_tuple: + ui_client.delete_rules(parameter, policy_configuration) + elif parameter["initiation_method"] == "api": + if rules_tuple: + api_client.delete_rules(rules_tuple) + if profiles_tuple: + api_client.delete_profiles(profiles_tuple) + if libraries_tuple: + api_client.delete_libraries(libraries_tuple) + if objects_tuple: + api_client.delete_objects(objects_tuple) + + # 统计脚本用时 + script_end_time = time.time() + duration = script_end_time - script_start_time + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Duration of running the test case: ", "{:.3f}".format(duration), flush=True) + print(datetime.now().strftime("%Y-%m-%d %H:%M:%S"), str(datetime.now().microsecond)[:3], "Finish test case: " + parameter["test_case_name"], flush=True) + + # 生成csv报告 + update = ReportUpdate() + update.write_result(parameter, result, exception_result) + + +if __name__ == '__main__': + from support.ui_utils.element_position.map_element_position_library import replace_paras + + parameter = { + "username": "zcw3", + "password": "qa111111", + "test_pc_ip": "192.168.64.93", + "test_subcriber_id": "test6491", + "api_server": "http://192.168.44.72", + "debug_flag": "local", + "initiation_method": "api", # api ui 空字符串 + "env": "tsgx", + "vsys": 1, + "root_path": workdir, + "path": workdir + "/tests", + "module_name": "manipulation", + "test_case_name": os.path.basename(__file__)[:-3] + } + parameter = replace_paras(parameter) + run(parameter) diff --git a/tests/manipulation/test.py b/tests/manipulation/test.py index c33640f01..cae280746 100644 --- a/tests/manipulation/test.py +++ b/tests/manipulation/test.py @@ -971,7 +971,7 @@ def re_name(case_directory_path='C:/zcw/tsg_test/tests/目录名', file_startwit # 获取目录下所有文件的名称 # for filename in os.listdir(case_directory_path): # if filename.endswith(file_endswith) and filename.startswith(file_startwith): - # # 去掉.py后缀并添加到列表中 + # 去掉.py后缀并添加到列表中 # pass # if "run_script" in filename: # tmp = filename.replace("run_script", "execute") @@ -993,11 +993,8 @@ def re_name(case_directory_path='C:/zcw/tsg_test/tests/目录名', file_startwit # old_path = os.path.join(case_directory_path, filename) # new_path = os.path.join(case_directory_path, tmp) # os.rename(old_path, new_path) - # elif "insert" in filename: - # if "css" in filename: - # tmp = filename.replace("insert", "modify_injectjs") - # else: - # tmp = filename.replace("insert", "modify_injectcss") + # if "injectcss" in filename: + # tmp = filename.replace("injectcss", "injectjs") # old_path = os.path.join(case_directory_path, filename) # new_path = os.path.join(case_directory_path, tmp) # os.rename(old_path, new_path) @@ -1014,7 +1011,7 @@ def re_name(case_directory_path='C:/zcw/tsg_test/tests/目录名', file_startwit if __name__ == '__main__': # 定义目录和目标文件 需要调整的变量 - ms_json_path = 'C:/Users/root/Downloads/Metersphere_Api_TSG (29).json' + ms_json_path = 'C:/Users/root/Downloads/Metersphere_Api_TSG (32).json' case_directory_path = 'C:/zcw/tsg_test/tests/manipulation' file_startwith = "man_" file_endswith = ".py" @@ -1023,7 +1020,7 @@ if __name__ == '__main__': # local_run() # 对比MS工具 - # diff_ms(ms_json_path=ms_json_path, case_directory_path=case_directory_path, file_startwith=file_startwith, file_endswith=file_endswith) + diff_ms(ms_json_path=ms_json_path, case_directory_path=case_directory_path, file_startwith=file_startwith, file_endswith=file_endswith) # 生成excle使用数据工具 #get_excel_formate_from_case(case_directory_path=case_directory_path, file_startwith=file_startwith, file_endswith=file_endswith) @@ -1032,7 +1029,7 @@ if __name__ == '__main__': #replace_test_data_from_py(case_directory_path=case_directory_path, file_startwith=file_startwith, file_endswith=file_endswith) # 重命名 - re_name(case_directory_path=case_directory_path, file_startwith=file_startwith) + #re_name(case_directory_path=case_directory_path, file_startwith=file_startwith) |