diff options
| author | zxm06 <[email protected]> | 2022-05-25 15:02:05 +0800 |
|---|---|---|
| committer | zxm06 <[email protected]> | 2022-05-25 15:02:05 +0800 |
| commit | e5472ff1f443450d4934c4f93168544520428a34 (patch) | |
| tree | 0a68fea712f078faa5eb9241f7f02cac7268e774 | |
| parent | 65853bd4637a0ee165a07f5b3dbd3e5b4b5b84de (diff) | |
代理优先级策略
11 files changed, 1100 insertions, 22 deletions
diff --git a/case/policies/proxy/priority/proxy_http_priority_tests.robot b/case/policies/proxy/priority/proxy_http_priority_tests.robot new file mode 100644 index 0000000..56fe873 --- /dev/null +++ b/case/policies/proxy/priority/proxy_http_priority_tests.robot @@ -0,0 +1,1016 @@ +*** Settings *** +Test Setup LoginAndAddLocalIP +Test Teardown DeletePolicyAndObject1 ${policyIds} ${objectids} ${url} ${profiledId} ${categoryIds} +Force Tags tsg_adc_wp adc_api security_policy +Library OperatingSystem +Resource ../../../../keyword/common/systemcommand.robot +# Resource ../../keyword/common/log_variable.robot +Resource ../../../../keyword/common/file_operation.robot +Resource ../../../../keyword/objects/object.robot +Resource ../../../../keyword/policys/policy.robot +Resource ../../../../keyword/common/login_logout_switch.robot +Library ../../../../customlib/verify_policy.py + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} +${url} ${EMPTY} +${profiledId} ${EMPTY} +${categoryIds} ${EMPTY} + +*** Test Cases *** +proxy_policy_allow_http_idPriority + [Tags] idPriority + Comment 创建fqdn + ${addItemList1} Create Dictionary keywordArray=$www.yumi.com isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=security-intercept-http+ssl policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1619,"decryption":1,"traffic_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID},${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId1} Set Variable ${policyId}[0] + + Comment 创建代理策略1 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_1 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=allow userRegion={"method":"allow","protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId2} Set Variable ${policyId}[0] + + Comment 创建代理策略2 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_2 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=allow userRegion={"method":"allow","protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId3} Set Variable ${policyId}[0] + ${logPolicyId} Convert to String ${policyId3} + + sleep 60 + Comment 策略验证 + ${fqdn} Create Dictionary attributeType=string attributeName=host appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "www.yumi.com"} + ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "${HTTP_VID}"} + ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"} + ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} + ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} + # 合成attributes字典集 + ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${fqdn} + log ${attributes} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} + log ${verifyList} + ${rescode} ${resData} VerifyPolicies ${verifyList} + # 打印检查结果 + ${objectid_verify} Set Variable ${objectId} + ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyId3} + # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 + log ${objectid_verify} + ${testType} Evaluate type($objectid_verify) + ${testType} Evaluate type($resData) + log ${resData} + ${ok} VerifyProxy ${resData} ${objectid_verify} + Should Be Equal As Strings ${ok} true + + Comment 验证效果 + ${loginInfo} Run Keyword If "${incomingClientInfo}"!="${EMPTY}" Set Variable ${incomingClientInfo} + ... ELSE Set Variable ${defaultClientInfo} + + ${commandMessage} Create Dictionary command=wget --debug -q -O- http://www.yumi.com/ commandRes=玉米网 logType=proxy_event + ${logQueryParam} Create Dictionary queryFiledKey=http_host queryValue=www.yumi.com + ${logQueryParam} Create List ${logQueryParam} + # ${logQueryParam} Create Dictionary logQueryParam=[{'queryFiledKey':'common_schema_type','queryValue':'FTP'}] + ${command} Get From Dictionary ${commandMessage} command + ${commandRes} Get From Dictionary ${commandMessage} commandRes + ${logType} Get From Dictionary ${commandMessage} logType + + ${hopeSuccessNumber} Set Variable 1 + ${excuteSuccessful} ${reachExcuteFail} ${unReachable} ExcuteCommand ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId} + + Run Keyword And Continue On Failure Should Be True ${excuteSuccessful}>=${hopeSuccessNumber} + Log To Console 可达且执行成功:${excuteSuccessful}个,可达但执行失败:${reachExcuteFail}个,不可达:${unReachable}个 + + #删除对象 + ${objectids} Set Variable ${objectId} + + #删除策略 + ${policyTemp1} Set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]} + ${policyTemp2} Set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]} + ${policyIds} Create List ${policyTemp1} ${policyTemp2} + +proxy_policy_deny_http_idPriority + [Tags] idPriority + Comment 创建fqdn + ${addItemList1} Create Dictionary keywordArray=*newsela.com isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=security-intercept-http+ssl policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1619,"decryption":1,"traffic_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID},${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId1} Set Variable ${policyId}[0] + + Comment 创建代理策略1 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_1 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=deny userRegion={"method":"block","message":"涨涨涨涨","code":404,"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId2} Set Variable ${policyId}[0] + + Comment 创建代理策略2 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_2 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=deny userRegion={"method":"block","message":"涨涨涨涨","code":404,"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId3} Set Variable ${policyId}[0] + ${logPolicyId} Convert to String ${policyId3} + + sleep 60 + Comment 策略验证 + ${fqdn} Create Dictionary attributeType=string attributeName=host appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "newsela.com"} + ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "${HTTP_VID}"} + ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"} + ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} + ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} + # 合成attributes字典集 + ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${fqdn} + log ${attributes} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} + log ${verifyList} + ${rescode} ${resData} VerifyPolicies ${verifyList} + # 打印检查结果 + ${objectid_verify} Set Variable ${objectId} + ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyId3} + # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 + log ${objectid_verify} + ${testType} Evaluate type($objectid_verify) + ${testType} Evaluate type($resData) + log ${resData} + ${ok} VerifyProxy ${resData} ${objectid_verify} + Should Be Equal As Strings ${ok} true + + Comment 验证效果 + ${loginInfo} Run Keyword If "${incomingClientInfo}"!="${EMPTY}" Set Variable ${incomingClientInfo} + ... ELSE Set Variable ${defaultClientInfo} + + ${commandMessage} Create Dictionary command=wget --debug -q -O- https://newsela.com/ commandRes=Error 404 logType=proxy_event + ${logQueryParam} Create Dictionary queryFiledKey=http_host queryValue=newsela.com + ${logQueryParam} Create List ${logQueryParam} + # ${logQueryParam} Create Dictionary logQueryParam=[{'queryFiledKey':'common_schema_type','queryValue':'FTP'}] + ${command} Get From Dictionary ${commandMessage} command + ${commandRes} Get From Dictionary ${commandMessage} commandRes + ${logType} Get From Dictionary ${commandMessage} logType + + ${hopeSuccessNumber} Set Variable 1 + ${excuteSuccessful} ${reachExcuteFail} ${unReachable} ExcuteCommand ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId} + + Run Keyword And Continue On Failure Should Be True ${excuteSuccessful}>=${hopeSuccessNumber} + Log To Console 可达且执行成功:${excuteSuccessful}个,可达但执行失败:${reachExcuteFail}个,不可达:${unReachable}个 + + #删除对象 + ${objectids} Set Variable ${objectId} + + #删除策略 + ${policyTemp1} Set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]} + ${policyTemp2} Set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]} + ${policyIds} Create List ${policyTemp1} ${policyTemp2} + +proxy_policy_monitor_http_idPriority + [Tags] idPriority + Comment 创建fqdn + ${addItemList1} Create Dictionary keywordArray=$www.facebook.com isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=security-intercept-http+ssl policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1619,"decryption":1,"traffic_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID},${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId1} Set Variable ${policyId}[0] + + Comment 创建代理策略1 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_1 policyType=pxy_manipulation policyDesc=autotest action=monitor userRegion={"method":"monitor","protocol":"HTTP"} doLog=1 filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId2} Set Variable ${policyId}[0] + + Comment 创建代理策略2 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_2 policyType=pxy_manipulation policyDesc=autotest action=monitor userRegion={"method":"monitor","protocol":"HTTP"} doLog=1 filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId3} Set Variable ${policyId}[0] + ${logPolicyId} Convert to String ${policyId3} + + sleep 60 + Comment 策略验证 + ${fqdn} Create Dictionary attributeType=string attributeName=host appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "www.facebook.com"} + ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "${HTTP_VID}"} + ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"} + ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} + ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} + # 合成attributes字典集 + ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${fqdn} + log ${attributes} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} + log ${verifyList} + ${rescode} ${resData} VerifyPolicies ${verifyList} + # 打印检查结果 + ${objectid_verify} Set Variable ${objectId} + ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyId3} + # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 + log ${objectid_verify} + ${testType} Evaluate type($objectid_verify) + ${testType} Evaluate type($resData) + log ${resData} + ${ok} VerifyProxy ${resData} ${objectid_verify} + Should Be Equal As Strings ${ok} true + + Comment 验证效果 + ${loginInfo} Run Keyword If "${incomingClientInfo}"!="${EMPTY}" Set Variable ${incomingClientInfo} + ... ELSE Set Variable ${defaultClientInfo} + + ${commandMessage} Create Dictionary command=wget --debug -q -O- https://www.facebook.com/ commandRes=defaultCert logType=proxy_event + ${logQueryParam} Create Dictionary queryFiledKey=http_host queryValue=www.facebook.com + ${logQueryParam} Create List ${logQueryParam} + # ${logQueryParam} Create Dictionary logQueryParam=[{'queryFiledKey':'common_schema_type','queryValue':'FTP'}] + ${command} Get From Dictionary ${commandMessage} command + ${commandRes} Get From Dictionary ${commandMessage} commandRes + ${logType} Get From Dictionary ${commandMessage} logType + + ${hopeSuccessNumber} Set Variable 1 + ${excuteSuccessful} ${reachExcuteFail} ${unReachable} ExcuteCommand ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId} + + Run Keyword And Continue On Failure Should Be True ${excuteSuccessful}>=${hopeSuccessNumber} + Log To Console 可达且执行成功:${excuteSuccessful}个,可达但执行失败:${reachExcuteFail}个,不可达:${unReachable}个 + + #删除对象 + ${objectids} Set Variable ${objectId} + + #删除策略 + ${policyTemp1} Set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]} + ${policyTemp2} Set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]} + ${policyIds} Create List ${policyTemp1} ${policyTemp2} + +proxy_policy_redirect_http_idPriority + [Tags] idPriority + Comment 创建fqdn + ${addItemList1} Create Dictionary keywordArray=$www.yumi.com isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + + Comment 创建url + ${addItemList1} Create Dictionary keywordArray=yumi isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObjects ${1} ${objectDict} + + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=security-intercept-http+ssl policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1619,"decryption":1,"traffic_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID},${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId1} Set Variable ${policyId}[0] + + Comment 创建代理策略1 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_1 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=manipulation userRegion={"method":"redirect","to":"http://www.iceo.com.cn/renwu2013/","code":301,"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId2} Set Variable ${policyId}[0] + + Comment 创建代理策略2 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_2 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=manipulation userRegion={"method":"redirect","to":"http://www.iceo.com.cn/renwu2013/","code":301,"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId3} Set Variable ${policyId}[0] + ${logPolicyId} Convert to String ${policyId3} + + sleep 60 + Comment 策略验证 + ${fqdn} Create Dictionary attributeType=string attributeName=host appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "www.yumi.com"} + ${url} Create Dictionary attributeType=string attributeName=url appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "www.yumi.com"} + ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "${HTTP_VID}"} + ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"} + ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} + ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} + # 合成attributes字典集 + ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${fqdn} ${url} + log ${attributes} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} + log ${verifyList} + ${rescode} ${resData} VerifyPolicies ${verifyList} + # 打印检查结果 + ${objectid_verify} Set Variable ${objectId} + ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyId3} + # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 + log ${objectid_verify} + ${testType} Evaluate type($objectid_verify) + ${testType} Evaluate type($resData) + log ${resData} + ${ok} VerifyProxy ${resData} ${objectid_verify} + Should Be Equal As Strings ${ok} true + + Comment 验证效果 + ${loginInfo} Run Keyword If "${incomingClientInfo}"!="${EMPTY}" Set Variable ${incomingClientInfo} + ... ELSE Set Variable ${defaultClientInfo} + + ${commandMessage} Create Dictionary command=wget --debug -q -O- http://www.yumi.com/ commandRes=301 Moved Permanently logType=proxy_event + ${logQueryParam} Create Dictionary queryFiledKey=http_host queryValue=www.yumi.com + ${logQueryParam} Create List ${logQueryParam} + # ${logQueryParam} Create Dictionary logQueryParam=[{'queryFiledKey':'common_schema_type','queryValue':'FTP'}] + ${command} Get From Dictionary ${commandMessage} command + ${commandRes} Get From Dictionary ${commandMessage} commandRes + ${logType} Get From Dictionary ${commandMessage} logType + + ${hopeSuccessNumber} Set Variable 1 + ${excuteSuccessful} ${reachExcuteFail} ${unReachable} ExcuteCommand ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId} + + Run Keyword And Continue On Failure Should Be True ${excuteSuccessful}>=${hopeSuccessNumber} + Log To Console 可达且执行成功:${excuteSuccessful}个,可达但执行失败:${reachExcuteFail}个,不可达:${unReachable}个 + + #删除对象 + ${objectids} Set Variable ${objectId} + ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} + #删除策略 + ${policyTemp1} Set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]} + ${policyTemp2} Set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]} + ${policyIds} Create List ${policyTemp1} ${policyTemp2} + +proxy_policy_replace_http_idPriority + [Tags] idPriority + Comment 创建fqdn + ${addItemList1} Create Dictionary keywordArray=$destidotcom.wordpress.com isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + + Comment 创建url + ${addItemList1} Create Dictionary keywordArray=wordpress.com/contact/ isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObjects ${1} ${objectDict} + + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=security-intercept-http+ssl policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1619,"decryption":1,"traffic_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID},${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId1} Set Variable ${policyId}[0] + + Comment 创建代理策略1 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_1 policyType=pxy_manipulation policyDesc=autotest doLog=1 action=manipulation userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"Artificial","replace_with":"明天你好"}],"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId2} Set Variable ${policyId}[0] + + Comment 创建代理策略2 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_2 policyType=pxy_manipulation policyDesc=autotest doLog=1 action=manipulation userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"Artificial","replace_with":"明天你好"}],"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId3} Set Variable ${policyId}[0] + ${logPolicyId} Convert to String ${policyId3} + + sleep 60 + Comment 策略验证 + ${fqdn} Create Dictionary attributeType=string attributeName=host appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "destidotcom.wordpress.com"} + ${url} Create Dictionary attributeType=string attributeName=url appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "wordpress.com/contact/"} + ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "${HTTP_VID}"} + ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"} + ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} + ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} + # 合成attributes字典集 + ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${url} ${fqdn} + log ${attributes} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} + log ${verifyList} + ${rescode} ${resData} VerifyPolicies ${verifyList} + # 打印检查结果 + ${objectid_verify} Set Variable ${objectId} + ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyId3} + # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 + log ${objectid_verify} + ${testType} Evaluate type($objectid_verify) + ${testType} Evaluate type($resData) + log ${resData} + ${ok} VerifyProxy ${resData} ${objectid_verify} + Should Be Equal As Strings ${ok} true + + Comment 验证效果 + ${loginInfo} Run Keyword If "${incomingClientInfo}"!="${EMPTY}" Set Variable ${incomingClientInfo} + ... ELSE Set Variable ${defaultClientInfo} + + ${commandMessage} Create Dictionary command=wget --debug -q -O- https://destidotcom.wordpress.com/contact/ commandRes=明天你好 logType=proxy_event + ${logQueryParam} Create Dictionary queryFiledKey=http_host queryValue=destidotcom.wordpress + ${logQueryParam} Create List ${logQueryParam} + # ${logQueryParam} Create Dictionary logQueryParam=[{'queryFiledKey':'common_schema_type','queryValue':'FTP'}] + ${command} Get From Dictionary ${commandMessage} command + ${commandRes} Get From Dictionary ${commandMessage} commandRes + ${logType} Get From Dictionary ${commandMessage} logType + + ${hopeSuccessNumber} Set Variable 1 + ${excuteSuccessful} ${reachExcuteFail} ${unReachable} ExcuteCommand ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId} + + Run Keyword And Continue On Failure Should Be True ${excuteSuccessful}>=${hopeSuccessNumber} + Log To Console 可达且执行成功:${excuteSuccessful}个,可达但执行失败:${reachExcuteFail}个,不可达:${unReachable}个 + + #删除对象 + ${objectids} Set Variable ${objectId} + ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} + + #删除策略 + ${policyTemp1} Set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]} + ${policyTemp2} Set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]} + ${policyIds} Create List ${policyTemp1} ${policyTemp2} + +proxy_policy_hijack_http_idPriority + [Tags] idPriority + Comment 创建fqdn + ${addItemList1} Create Dictionary keywordArray=*lexus.ru isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + + Comment 创建url + ${addItemList1} Create Dictionary keywordArray=www.lex* isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObjects ${1} ${objectDict} + + Comment 创建hijack文件 + ${url} Set Variable /v1/policy/profile/hijackfiles + ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-hijack Files-test-3.html hijack + ${profiledId} Get From Dictionary ${response} profileId + + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=security-intercept-http+ssl policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1619,"decryption":1,"traffic_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID},${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId1} Set Variable ${policyId}[0] + + Comment 创建代理策略1 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_1 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} doLog=2 filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId2} Set Variable ${policyId}[0] + + Comment 创建代理策略2 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_2 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} doLog=2 filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId3} Set Variable ${policyId}[0] + ${logPolicyId} Convert to String ${policyId3} + + sleep 60 + Comment 策略验证 + ${fqdn} Create Dictionary attributeType=string attributeName=host appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "lexus.ru"} + ${url} Create Dictionary attributeType=string attributeName=url appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "www.lex"} + ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "${HTTP_VID}"} + ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"} + ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} + ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} + # 合成attributes字典集 + ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${fqdn} ${url} + log ${attributes} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} + log ${verifyList} + ${rescode} ${resData} VerifyPolicies ${verifyList} + # 打印检查结果 + ${objectid_verify} Set Variable ${objectId} + ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyId3} + # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 + log ${objectid_verify} + ${testType} Evaluate type($objectid_verify) + ${testType} Evaluate type($resData) + log ${resData} + ${ok} VerifyProxy ${resData} ${objectid_verify} + Should Be Equal As Strings ${ok} true + + Comment 验证效果 + ${loginInfo} Run Keyword If "${incomingClientInfo}"!="${EMPTY}" Set Variable ${incomingClientInfo} + ... ELSE Set Variable ${defaultClientInfo} + + ${commandMessage} Create Dictionary command=wget --debug -q -O- https://www.lexus.ru/ commandRes=小蛇 logType=proxy_event + ${logQueryParam} Create Dictionary queryFiledKey=http_host queryValue=lexus.ru + ${logQueryParam} Create List ${logQueryParam} + # ${logQueryParam} Create Dictionary logQueryParam=[{'queryFiledKey':'common_schema_type','queryValue':'FTP'}] + ${command} Get From Dictionary ${commandMessage} command + ${commandRes} Get From Dictionary ${commandMessage} commandRes + ${logType} Get From Dictionary ${commandMessage} logType + + ${hopeSuccessNumber} Set Variable 1 + ${excuteSuccessful} ${reachExcuteFail} ${unReachable} ExcuteCommand ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId} + + Run Keyword And Continue On Failure Should Be True ${excuteSuccessful}>=${hopeSuccessNumber} + Log To Console 可达且执行成功:${excuteSuccessful}个,可达但执行失败:${reachExcuteFail}个,不可达:${unReachable}个 + + #删除对象 + ${objectids} Set Variable ${objectId} + ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} + #删除文件 + ${url} Set Variable /v1/policy/profile/hijackfiles + + #删除策略 + ${policyTemp1} Set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]} + ${policyTemp2} Set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]} + ${policyIds} Create List ${policyTemp1} ${policyTemp2} + +proxy_policy_insert_http_idPriority + [Tags] idPriority + Comment 创建fqdn + ${addItemList1} Create Dictionary keywordArray=$www.meilleurmobile.com isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + + Comment 创建url + ${addItemList1} Create Dictionary keywordArray=meilleurmobile isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObjects ${1} ${objectDict} + + Comment 创建insert文件 + ${url} Set Variable /v1/policy/profile/insertscripts + ${response} CreatePolicyFile2 ${url} ${path}/insert_files/ Create-insert Scripts-test-1.js insert + ${profiledId} Get From Dictionary ${response} profileId + + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=security-intercept-http+ssl policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1619,"decryption":1,"traffic_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID},${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId1} Set Variable ${policyId}[0] + + Comment 创建代理策略1 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_1 policyType=pxy_manipulation policyDesc=autotest action=manipulation doLog=1 userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId2} Set Variable ${policyId}[0] + + Comment 创建代理策略2 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_2 policyType=pxy_manipulation policyDesc=autotest action=manipulation doLog=1 userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId3} Set Variable ${policyId}[0] + ${logPolicyId} Convert to String ${policyId3} + + sleep 60 + Comment 策略验证 + ${fqdn} Create Dictionary attributeType=string attributeName=host appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "www.meilleurmobile.com"} + ${url} Create Dictionary attributeType=string attributeName=url appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "meilleurmobile"} + ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "${HTTP_VID}"} + ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"} + ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} + ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} + # 合成attributes字典集 + ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${fqdn} ${url} + log ${attributes} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} + log ${verifyList} + ${rescode} ${resData} VerifyPolicies ${verifyList} + # 打印检查结果 + ${objectid_verify} Set Variable ${objectId} + ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyId2} + # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 + log ${objectid_verify} + ${testType} Evaluate type($objectid_verify) + ${testType} Evaluate type($resData) + log ${resData} + ${ok} VerifyProxy ${resData} ${objectid_verify} + Should Be Equal As Strings ${ok} true + + Comment 验证效果 + ${loginInfo} Run Keyword If "${incomingClientInfo}"!="${EMPTY}" Set Variable ${incomingClientInfo} + ... ELSE Set Variable ${defaultClientInfo} + + ${commandMessage} Create Dictionary command=wget --debug -q -O- https://www.meilleurmobile.com/ commandRes=tfe logType=proxy_event + ${logQueryParam} Create Dictionary queryFiledKey=http_host queryValue=www.meilleurmobile.com + ${logQueryParam} Create List ${logQueryParam} + # ${logQueryParam} Create Dictionary logQueryParam=[{'queryFiledKey':'common_schema_type','queryValue':'FTP'}] + ${command} Get From Dictionary ${commandMessage} command + ${commandRes} Get From Dictionary ${commandMessage} commandRes + ${logType} Get From Dictionary ${commandMessage} logType + + ${hopeSuccessNumber} Set Variable 1 + ${excuteSuccessful} ${reachExcuteFail} ${unReachable} ExcuteCommand ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId} + + Run Keyword And Continue On Failure Should Be True ${excuteSuccessful}>=${hopeSuccessNumber} + Log To Console 可达且执行成功:${excuteSuccessful}个,可达但执行失败:${reachExcuteFail}个,不可达:${unReachable}个 + + #删除对象 + ${objectids} Set Variable ${objectId} + ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} + + #删除文件 + ${url} Set Variable /v1/policy/profile/insertscripts + + #删除策略 + ${policyTemp1} Set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]} + ${policyTemp2} Set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]} + ${policyIds} Create List ${policyTemp1} ${policyTemp2} + + +proxy_policy_http_actionPriority_001 + Comment 创建fqdn + ${addItemList1} Create Dictionary keywordArray=$www.yumi.com isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=security-intercept-http+ssl policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1619,"decryption":1,"traffic_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID},${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId1} Set Variable ${policyId}[0] + + Comment 创建代理策略1 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_1 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=allow userRegion={"method":"allow","protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId2} Set Variable ${policyId}[0] + ${logPolicyId} Convert to String ${policyId2} + + Comment 创建代理策略2 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_2 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=deny userRegion={"method":"block","message":"涨涨涨涨","code":404,"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId3} Set Variable ${policyId}[0] + + sleep 60 + Comment 策略验证 + ${fqdn} Create Dictionary attributeType=string attributeName=host appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "www.yumi.com"} + ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "${HTTP_VID}"} + ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"} + ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} + ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} + # 合成attributes字典集 + ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${fqdn} + log ${attributes} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} + log ${verifyList} + ${rescode} ${resData} VerifyPolicies ${verifyList} + # 打印检查结果 + ${objectid_verify} Set Variable ${objectId} + ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyId2} + # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 + log ${objectid_verify} + ${testType} Evaluate type($objectid_verify) + ${testType} Evaluate type($resData) + log ${resData} + ${ok} VerifyProxy ${resData} ${objectid_verify} + Should Be Equal As Strings ${ok} true + + Comment 验证效果 + ${loginInfo} Run Keyword If "${incomingClientInfo}"!="${EMPTY}" Set Variable ${incomingClientInfo} + ... ELSE Set Variable ${defaultClientInfo} + + ${commandMessage} Create Dictionary command=wget --debug -q -O- http://www.yumi.com/ commandRes=玉米网 logType=proxy_event + ${logQueryParam} Create Dictionary queryFiledKey=http_host queryValue=www.yumi.com + ${logQueryParam} Create List ${logQueryParam} + # ${logQueryParam} Create Dictionary logQueryParam=[{'queryFiledKey':'common_schema_type','queryValue':'FTP'}] + ${command} Get From Dictionary ${commandMessage} command + ${commandRes} Get From Dictionary ${commandMessage} commandRes + ${logType} Get From Dictionary ${commandMessage} logType + + ${hopeSuccessNumber} Set Variable 1 + ${excuteSuccessful} ${reachExcuteFail} ${unReachable} ExcuteCommand ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId} + + Run Keyword And Continue On Failure Should Be True ${excuteSuccessful}>=${hopeSuccessNumber} + Log To Console 可达且执行成功:${excuteSuccessful}个,可达但执行失败:${reachExcuteFail}个,不可达:${unReachable}个 + + #删除对象 + ${objectids} Set Variable ${objectId} + + #删除策略 + ${policyTemp1} Set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]} + ${policyTemp2} Set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]} + ${policyIds} Create List ${policyTemp1} ${policyTemp2} + +proxy_policy_http_actionPriority_002 + Comment 创建fqdn + ${addItemList1} Create Dictionary keywordArray=*newsela.com isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + + Comment 创建url + ${addItemList1} Create Dictionary keywordArray=newsela.com isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObjects ${1} ${objectDict} + + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=security-intercept-http+ssl policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1619,"decryption":1,"traffic_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID},${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId1} Set Variable ${policyId}[0] + + Comment 创建代理策略1 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_1 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=deny userRegion={"method":"block","message":"涨涨涨涨","code":404,"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId2} Set Variable ${policyId}[0] + ${logPolicyId} Convert to String ${policyId2} + + Comment 创建代理策略2 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_2 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=manipulation userRegion={"method":"redirect","to":"http://www.iceo.com.cn/renwu2013/","code":301,"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId3} Set Variable ${policyId}[0] + + sleep 60 + Comment 策略验证 + ${fqdn} Create Dictionary attributeType=string attributeName=host appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "newsela.com"} + ${url} Create Dictionary attributeType=string attributeName=url appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "newsela.com"} + ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "${HTTP_VID}"} + ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"} + ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} + ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} + # 合成attributes字典集 + ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${fqdn} ${url} + log ${attributes} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} + log ${verifyList} + ${rescode} ${resData} VerifyPolicies ${verifyList} + # 打印检查结果 + ${objectid_verify} Set Variable ${objectId} + ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyId2} + # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 + log ${objectid_verify} + ${testType} Evaluate type($objectid_verify) + ${testType} Evaluate type($resData) + log ${resData} + ${ok} VerifyProxy ${resData} ${objectid_verify} + Should Be Equal As Strings ${ok} true + + Comment 验证效果 + ${loginInfo} Run Keyword If "${incomingClientInfo}"!="${EMPTY}" Set Variable ${incomingClientInfo} + ... ELSE Set Variable ${defaultClientInfo} + + ${commandMessage} Create Dictionary command=wget --debug -q -O- https://newsela.com/ commandRes=Error 404 logType=proxy_event + ${logQueryParam} Create Dictionary queryFiledKey=http_host queryValue=newsela.com + ${logQueryParam} Create List ${logQueryParam} + # ${logQueryParam} Create Dictionary logQueryParam=[{'queryFiledKey':'common_schema_type','queryValue':'FTP'}] + ${command} Get From Dictionary ${commandMessage} command + ${commandRes} Get From Dictionary ${commandMessage} commandRes + ${logType} Get From Dictionary ${commandMessage} logType + + ${hopeSuccessNumber} Set Variable 1 + ${excuteSuccessful} ${reachExcuteFail} ${unReachable} ExcuteCommand ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId} + + Run Keyword And Continue On Failure Should Be True ${excuteSuccessful}>=${hopeSuccessNumber} + Log To Console 可达且执行成功:${excuteSuccessful}个,可达但执行失败:${reachExcuteFail}个,不可达:${unReachable}个 + + #删除对象 + ${objectids} Set Variable ${objectId} + + #删除策略 + ${policyTemp1} Set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]} + ${policyTemp2} Set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]} + ${policyIds} Create List ${policyTemp1} ${policyTemp2} + +proxy_policy_allow_http_conditionPriority + Comment 创建fqdn + ${addItemList1} Create Dictionary keywordArray=$www.yumi.com isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=security-intercept-http+ssl policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1619,"decryption":1,"traffic_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID},${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId1} Set Variable ${policyId}[0] + + Comment 创建代理策略1 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_1 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=allow userRegion={"method":"allow","protocol":"HTTP"} isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId2} Set Variable ${policyId}[0] + ${logPolicyId} Convert to String ${policyId2} + + Comment 创建代理策略2 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_1 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=allow userRegion={"method":"allow","protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId3} Set Variable ${policyId}[0] + + sleep 60 + Comment 策略验证 + ${fqdn} Create Dictionary attributeType=string attributeName=host appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "www.yumi.com"} + ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "${HTTP_VID}"} + ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"} + ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} + ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} + # 合成attributes字典集 + ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${fqdn} + log ${attributes} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} + log ${verifyList} + ${rescode} ${resData} VerifyPolicies ${verifyList} + # 打印检查结果 + ${objectid_verify} Set Variable ${objectId} + ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyId2} + # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 + log ${objectid_verify} + ${testType} Evaluate type($objectid_verify) + ${testType} Evaluate type($resData) + log ${resData} + ${ok} VerifyProxy ${resData} ${objectid_verify} + Should Be Equal As Strings ${ok} true + + Comment 验证效果 + ${loginInfo} Run Keyword If "${incomingClientInfo}"!="${EMPTY}" Set Variable ${incomingClientInfo} + ... ELSE Set Variable ${defaultClientInfo} + + ${commandMessage} Create Dictionary command=wget --debug -q -O- http://www.yumi.com/ commandRes=玉米网 logType=proxy_event + ${logQueryParam} Create Dictionary queryFiledKey=http_host queryValue=www.yumi.com + ${logQueryParam} Create List ${logQueryParam} + # ${logQueryParam} Create Dictionary logQueryParam=[{'queryFiledKey':'common_schema_type','queryValue':'FTP'}] + ${command} Get From Dictionary ${commandMessage} command + ${commandRes} Get From Dictionary ${commandMessage} commandRes + ${logType} Get From Dictionary ${commandMessage} logType + + ${hopeSuccessNumber} Set Variable 1 + ${excuteSuccessful} ${reachExcuteFail} ${unReachable} ExcuteCommand ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId} + + Run Keyword And Continue On Failure Should Be True ${excuteSuccessful}>=${hopeSuccessNumber} + Log To Console 可达且执行成功:${excuteSuccessful}个,可达但执行失败:${reachExcuteFail}个,不可达:${unReachable}个 + + #删除对象 + ${objectids} Set Variable ${objectId} + + #删除策略 + ${policyTemp1} Set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]} + ${policyTemp2} Set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]} + ${policyIds} Create List ${policyTemp1} ${policyTemp2} + +proxy_policy_deny_http_conditionPriority + [Tags] idPriority + Comment 创建fqdn + ${addItemList1} Create Dictionary keywordArray=*newsela.com isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=security-intercept-http+ssl policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1619,"decryption":1,"traffic_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID},${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId1} Set Variable ${policyId}[0] + + Comment 创建代理策略1 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_1 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=deny userRegion={"method":"block","message":"涨涨涨涨","code":404,"protocol":"HTTP"} isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId2} Set Variable ${policyId}[0] + ${logPolicyId} Convert to String ${policyId2} + + Comment 创建代理策略2 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_2 policyType=pxy_manipulation policyDesc=autotest doLog=2 action=deny userRegion={"method":"block","message":"涨涨涨涨","code":404,"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId3} Set Variable ${policyId}[0] + + + sleep 60 + Comment 策略验证 + ${fqdn} Create Dictionary attributeType=string attributeName=host appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "newsela.com"} + ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "${HTTP_VID}"} + ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"} + ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} + ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} + # 合成attributes字典集 + ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${fqdn} + log ${attributes} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} + log ${verifyList} + ${rescode} ${resData} VerifyPolicies ${verifyList} + # 打印检查结果 + ${objectid_verify} Set Variable ${objectId} + ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyId2} + # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 + log ${objectid_verify} + ${testType} Evaluate type($objectid_verify) + ${testType} Evaluate type($resData) + log ${resData} + ${ok} VerifyProxy ${resData} ${objectid_verify} + Should Be Equal As Strings ${ok} true + + Comment 验证效果 + ${loginInfo} Run Keyword If "${incomingClientInfo}"!="${EMPTY}" Set Variable ${incomingClientInfo} + ... ELSE Set Variable ${defaultClientInfo} + + ${commandMessage} Create Dictionary command=wget --debug -q -O- https://newsela.com/ commandRes=Error 404 logType=proxy_event + ${logQueryParam} Create Dictionary queryFiledKey=http_host queryValue=newsela.com + ${logQueryParam} Create List ${logQueryParam} + # ${logQueryParam} Create Dictionary logQueryParam=[{'queryFiledKey':'common_schema_type','queryValue':'FTP'}] + ${command} Get From Dictionary ${commandMessage} command + ${commandRes} Get From Dictionary ${commandMessage} commandRes + ${logType} Get From Dictionary ${commandMessage} logType + + ${hopeSuccessNumber} Set Variable 1 + ${excuteSuccessful} ${reachExcuteFail} ${unReachable} ExcuteCommand ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId} + + Run Keyword And Continue On Failure Should Be True ${excuteSuccessful}>=${hopeSuccessNumber} + Log To Console 可达且执行成功:${excuteSuccessful}个,可达但执行失败:${reachExcuteFail}个,不可达:${unReachable}个 + + #删除对象 + ${objectids} Set Variable ${objectId} + + #删除策略 + ${policyTemp1} Set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]} + ${policyTemp2} Set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]} + ${policyIds} Create List ${policyTemp1} ${policyTemp2} + +proxy_policy_monitor_http_conditionPriority + [Tags] idPriority + Comment 创建fqdn + ${addItemList1} Create Dictionary keywordArray=$www.facebook.com isHexbin=${0} + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=security-intercept-http+ssl policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1619,"decryption":1,"traffic_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID},${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId1} Set Variable ${policyId}[0] + + Comment 创建代理策略1 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_1 policyType=pxy_manipulation policyDesc=autotest action=monitor userRegion={"method":"monitor","protocol":"HTTP"} doLog=1 isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId2} Set Variable ${policyId}[0] + ${logPolicyId} Convert to String ${policyId2} + + Comment 创建代理策略2 + ${policyDict} Create Dictionary policyName=${TEST_NAME}_2 policyType=pxy_manipulation policyDesc=autotest action=monitor userRegion={"method":"monitor","protocol":"HTTP"} doLog=1 filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} GetPids ${policyId} + ${policyId3} Set Variable ${policyId}[0] + + + sleep 60 + Comment 策略验证 + ${fqdn} Create Dictionary attributeType=string attributeName=host appId=${HTTP_VID} appName=http protocol=http attributeValue={"string": "www.facebook.com"} + ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "${HTTP_VID}"} + ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"} + ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} + ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} + # 合成attributes字典集 + ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${fqdn} + log ${attributes} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} + log ${verifyList} + ${rescode} ${resData} VerifyPolicies ${verifyList} + # 打印检查结果 + ${objectid_verify} Set Variable ${objectId} + ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyId2} + # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 + log ${objectid_verify} + ${testType} Evaluate type($objectid_verify) + ${testType} Evaluate type($resData) + log ${resData} + ${ok} VerifyProxy ${resData} ${objectid_verify} + Should Be Equal As Strings ${ok} true + + Comment 验证效果 + ${loginInfo} Run Keyword If "${incomingClientInfo}"!="${EMPTY}" Set Variable ${incomingClientInfo} + ... ELSE Set Variable ${defaultClientInfo} + + ${commandMessage} Create Dictionary command=wget --debug -q -O- https://www.facebook.com/ commandRes=defaultCert logType=proxy_event + ${logQueryParam} Create Dictionary queryFiledKey=http_host queryValue=www.facebook.com + ${logQueryParam} Create List ${logQueryParam} + # ${logQueryParam} Create Dictionary logQueryParam=[{'queryFiledKey':'common_schema_type','queryValue':'FTP'}] + ${command} Get From Dictionary ${commandMessage} command + ${commandRes} Get From Dictionary ${commandMessage} commandRes + ${logType} Get From Dictionary ${commandMessage} logType + + ${hopeSuccessNumber} Set Variable 1 + ${excuteSuccessful} ${reachExcuteFail} ${unReachable} ExcuteCommand ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId} + + Run Keyword And Continue On Failure Should Be True ${excuteSuccessful}>=${hopeSuccessNumber} + Log To Console 可达且执行成功:${excuteSuccessful}个,可达但执行失败:${reachExcuteFail}个,不可达:${unReachable}个 + + #删除对象 + ${objectids} Set Variable ${objectId} + + #删除策略 + ${policyTemp1} Set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]} + ${policyTemp2} Set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId2},${policyId3}]} + ${policyIds} Create List ${policyTemp1} ${policyTemp2}
\ No newline at end of file diff --git a/case/policies/security/http.robot b/case/policies/security/http.robot index cefa77d..7d7b9b0 100644 --- a/case/policies/security/http.robot +++ b/case/policies/security/http.robot @@ -99,9 +99,9 @@ deny-resheader-substring # [Tags] SingleFilter Reset Rate Limit # ${objectIds} ${policyIds} PolilcysByTemplate ${path}/data/security/http/security-http-deny-url-reqbody-prefix-data.yaml ${TEST NAME} -deny-url-reqbody-substring +deny-url-resbody-substring [Tags] SingleFilter Reset Rate Limit - ${objectIds} ${policyIds} PolilcysByTemplate ${path}/data/security/http/security-http-deny-url-reqbody-substring-data.yaml ${TEST NAME} + ${objectIds} ${policyIds} PolilcysByTemplate ${path}/data/security/http/security-http-deny-url-resbody-substring-data.yaml ${TEST NAME} # deny-url-reqbody-exactly # [Tags] SingleFilter Reset Rate Limit diff --git a/keyword/common/clear_data.robot b/keyword/common/clear_data.robot index 4a6f85c..341e036 100644 --- a/keyword/common/clear_data.robot +++ b/keyword/common/clear_data.robot @@ -10,6 +10,7 @@ Resource common.robot *** Variables ***
${policyUrl} /policy/compile
${decryptionProfileUrl} /policy/profile/decryption
+${decryptionExclusionUrl} /policy/items
*** Keywords ***
DeletePolicyAndObjectAndOther
[Documentation] delete :policy object category app signature profile ...
@@ -36,6 +37,9 @@ DeletePolicyAndObjectAndOther #删除SSL 解密配置文件
Run Keyword If "${createDecryptionProfileds}"=="${EMPTY}" log no SSL Decryption profiledId to del
... ELSE DeleteProfileByIds /${version}${decryptionProfileUrl} ${createDecryptionProfileds}
+ #删除SSL 解密流量排除文件
+ Run Keyword If "${createDecryptionExclusionIds}"=="${EMPTY}" log no SSL Decryption exclusion to del
+ ... ELSE DeleteExclusionByIds /${version}${decryptionExclusionUrl} ${createDecryptionExclusionIds}
Run Keyword If "${appids}"=="${EMPTY}" log no appids to del
... ELSE DeleteApplicationByIds ${appids}
diff --git a/keyword/common/functional_keywords.robot b/keyword/common/functional_keywords.robot index cdefd9e..90501dd 100644 --- a/keyword/common/functional_keywords.robot +++ b/keyword/common/functional_keywords.robot @@ -297,4 +297,17 @@ DeleteProfileByIds Should Be Equal As Strings ${response_code} 200
#Integer ${response_code} 200
${response} Convert to String ${response}
- log ${response}
\ No newline at end of file + log ${response}
+
+DeleteExclusionByIds
+ [Arguments] ${typeUrl} ${exclusionItemIds}
+ log DeleteProfile
+ log ${exclusionItemIds}
+ ${response} BaseDeleteRequest ${typeUrl} {"itemType":"fqdn","itemIds":${exclusionItemIds},"objectIds":[1]}
+ ${response_code} Get From Dictionary ${response} code
+ #log aaaaaaaaaa:${response_code}
+ Should Be Equal As Strings ${response_code} 200
+ #Integer ${response_code} 200
+ ${response} Convert to String ${response}
+ log ${response}
+ [Return] ${response}
\ No newline at end of file diff --git a/keyword/common/login_logout.robot b/keyword/common/login_logout.robot index ee02b6d..9e117de 100644 --- a/keyword/common/login_logout.robot +++ b/keyword/common/login_logout.robot @@ -149,11 +149,16 @@ InitTemplate ${toJson} json.Dumps ${testinMode} SET GLOBAL VARIABLE ${packetCaptureModeJson} ${toJson} - #SSL解密配置文件模板模板 + #SSL解密配置文件模板 ${testinMode} Get From Dictionary ${LOADED} ssl_decryption_profiles_template ${toJson} json.Dumps ${testinMode} SET GLOBAL VARIABLE ${decryptionProfileJson} ${toJson} + #SSL解密排除文件模板 + ${testinMode} Get From Dictionary ${LOADED} ssl_decryption_exclusion_template + ${toJson} json.Dumps ${testinMode} + SET GLOBAL VARIABLE ${decryptionExclusionJson} ${toJson} + ApiLogin [Tags] # 云测系统登录 @@ -206,6 +211,7 @@ ApiLogin SET GLOBAL VARIABLE ${createPolicyIds} ${EMPTY} SET GLOBAL VARIABLE ${createProfileds} ${EMPTY} SET GLOBAL VARIABLE ${createDecryptionProfileds} ${EMPTY} + SET GLOBAL VARIABLE ${createDecryptionExclusionIds} ${EMPTY} SET GLOBAL VARIABLE ${createPacketCapturePolicyIds} ${EMPTY} #云测平台登录令牌 SET GLOBAL VARIABLE ${sid} ${sidCode} diff --git a/keyword/policys/policy.robot b/keyword/policys/policy.robot index 500521b..fdcdeb1 100644 --- a/keyword/policys/policy.robot +++ b/keyword/policys/policy.robot @@ -22,6 +22,7 @@ Resource ../../keyword/common/common_interface.robot *** Variables ***
${policyUrl} /policy/compile
${decryptionProfileUrl} /policy/profile/decryption
+${decryptionExclusionUrl} /policy/items
*** Keywords ***
#get查询策略,传入字典对象,该方法将字典对象自动拼接成get请求查询条件
QueryPolicies
@@ -618,6 +619,8 @@ GetCommand ${commandRes} Run Keyword If "${commandRes}"=="defaultCert" Set Variable ${defaultCert}
... ELSE Set Variable ${commandRes}
${logQueryParam} Get From Dictionary ${verify} logQueryParam
+ ${type} Evaluate type(${logQueryParam})
+ log ${logQueryParam}
${hopeSuccessNumber} Get From Dictionary ${verify} hopeSuccessNumber
${excuteSuccessful} ${reachExcuteFail} ${unReachable} Run Keyword If ("${appHttpReturn}"=="PASS" or "${appHttpsReturn}"=="PASS" or "${appSslReturn}"=="PASS" or "${appDnsReturn}"=="PASS") and "${isGre}"!="1" ExcuteCommand ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId}
... ELSE IF ("${appHttpReturn}"=="PASS" or "${appSslReturn}"=="PASS") and "${isGre}"=="1" ExcuteGreCommand ${greClientInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId} ${grePort}
@@ -749,6 +752,7 @@ ExcuteFtpCommand ${isUTC} Evaluate ${tsgVersion}>=22.03
${starttime} Run Keyword If "${isUTC}"=="True" Get Current Date UTC exclude_millis=True
... ELSE Get Time
+ sleep 5
${returnConnect} ${connect} Run Keyword And Ignore Error Open Connection ${manageIp}
${returnLogin} ${login} Run Keyword And Ignore Error SSHLibrary.Login ${manageUser} ${managePassword}
${defaultFtpInfo} Replace String ${defaultFtpInfo} ' "
@@ -764,7 +768,7 @@ ExcuteFtpCommand # ${result} FTP_login ftp://${ftpHost}/${ftpUrl} -u ${ftpUserName}:${ftpPassword} ${ftpContent}
# ${returnIsExcute} ${result1} Run Keyword And Ignore Error Should Be Equal As Strings ${result} ${hopeResult}
- Write curl -m 10 ftp://${ftpHost}${ftpUrl} -u ${ftpUserName}:${ftpPassword}
+ ${returnFtp} ${ftp} Run Keyword And Ignore Error Write curl -m 10 ftp://${ftpHost}${ftpUrl} -u ${ftpUserName}:${ftpPassword}
${return} ${res} Run Keyword And Ignore Error Read delay=15s
${returnIsExcute} ${excute} Run Keyword And Ignore Error Should Contain ${res} ${hopeResult}
@@ -802,6 +806,7 @@ EmailSend ${isUTC} Evaluate ${tsgVersion}>=22.03
${starttime} Run Keyword If "${isUTC}"=="True" Get Current Date UTC exclude_millis=True
... ELSE Get Time
+ sleep 5
${returnConnect} ${connect} Run Keyword And Ignore Error Open Connection ${manageIp}
${returnLogin} ${login} Run Keyword And Ignore Error SSHLibrary.Login ${manageUser} ${managePassword}
@@ -880,7 +885,7 @@ GetMailVerifyResult ExcuteCommand
[Documentation]
- ...
+ ... 在linux服务器上执行对应的命令
[Arguments] ${loginInfo} ${command} ${commandRes} ${logQueryParam} ${logType} ${logPolicyId}
${unReachable} Set Variable 0
${reachExcuteFail} Set Variable 0
@@ -1205,6 +1210,13 @@ CreatePolicysAndObjects ... 返回参数${objectId}格式:[107582, 107583]
... 返回参数:${policyId} [{'objectId': 107582, 'protocolField': 'TSG_SECURITY_SOURCE_ADDR'},{'objectId': 107583, 'protocolField': 'TSG_SECURITY_SOURCE_ADDR'}]
[Arguments] ${policyData} ${testName} ${editPolicyId}=${EMPTY}
+
+
+ ${return} ${exclusionFqdn} Run Keyword And Ignore Error Get From Dictionary ${policyData} exclusionFqdn
+ ${exclusionItemId} Run Keyword If "${return}"=="FAIL" Set Variable ${EMPTY}
+ ... ELSE CreateSslDecryptionExclusion ${exclusionFqdn}
+
+
Log To Console Call CreatePolicysAndObjects
Comment 获取模板
Comment ${policyModeJson}策略模板取自全局变量
@@ -1431,12 +1443,22 @@ CreatePolicysAndObjects Log ${policyVerifyJson}
[Return] ${objectIds} ${policyIds} ${policyVerifyJson} ${atributeObjectIds}
+CreateSslDecryptionExclusion
+ [Documentation] 新建解密流量排除fqdn
+ [Arguments] ${exclusionFqdn}
+ Comment 获取模板
+ Comment ${decryptionExclusionJson}策略模板取自全局变量
+ log ${decryptionExclusionJson}
+ ${decryptionExclusionJson} Set Variable ${decryptionExclusionJson}
+ ${decryptionExclusionJson} Replace String ${decryptionExclusionJson} "keywordArray": [null] "keywordArray": ["${exclusionFqdn}"]
+ ${decryptionExclusionJson} json.loads ${decryptionExclusionJson}
+ log ${decryptionExclusionJson}
+ ${exclusionItemId} CreateDecryptionExclusion ${decryptionExclusionJson}
+ [Return] ${exclusionItemId}
+
CreateSslDecryptionProfile
[Documentation] 新建DecryptionProfile文件
[Arguments] ${decryptionProfile}
- # ${yamlData} OperatingSystem.Get File ${defaultFilePath}
- # ... ELSE OperatingSystem.Get File ${dataFilePath}
- # ${loadedData}= yaml.Safe Load ${yamlData}
Comment 获取模板
Comment ${decryptionProfileJson}策略模板取自全局变量
${decryptionProfileJson} Set Variable ${decryptionProfileJson}
@@ -1491,8 +1513,7 @@ CreateSslDecryptionProfile ${decryptionProfileJson} json.loads ${decryptionProfileJson}
log ${decryptionProfileJson}
${profiledId} CreateDecryptionProfile ${decryptionProfileJson}
- [Return] ${profiledId}
-
+ [Return] ${profiledId}
CreateDecryptionProfile
[Documentation]
... 创建SSL解密配置文件
@@ -1511,6 +1532,24 @@ CreateDecryptionProfile SET GLOBAL VARIABLE ${createDecryptionProfileds} ${createDecryptionProfiledsTemp}
[Return] ${profiledId}
+CreateDecryptionExclusion
+ [Documentation]
+ ... 创建SSL解密配置文件
+ [Arguments] ${decryptionExclusionJson} ${code}=null
+ ${returnData} Get From Dictionary ${decryptionExclusionJson} returnData
+ ${bodyJson} json.Dumps ${decryptionExclusionJson}
+ log ${bodyJson}
+ ${response} BasePostRequestForV2 ${decryptionExclusionUrl} ${bodyJson} ${version}
+ log ${response}
+
+ ${list} Set Variable ${response['data']['itemList']}
+ ${exclusionItemId} Set Variable ${list[0]['itemId']}
+ ${exclusionItemIdList} Create List ${exclusionItemId}
+ ${createDecryptionExclusionIdsTemp} Run Keyword If "${createDecryptionExclusionIds}"!="${EMPTY}" AppendListToList ${createDecryptionExclusionIds} ${exclusionItemIdList}
+ ... ELSE Set Variable ${exclusionItemIdList}
+ SET GLOBAL VARIABLE ${createDecryptionExclusionIds} ${createDecryptionExclusionIdsTemp}
+ [Return] ${exclusionItemId}
+
GetProfileMessage
[Arguments] ${html_profile}
${responseUrl} Get From Dictionary ${html_profile} responseUrl
diff --git a/other/data/security/ftp/security-ftp-deny-uri-exactly-data.yaml b/other/data/security/ftp/security-ftp-deny-uri-exactly-data.yaml index 06850b8..6bd8af8 100644 --- a/other/data/security/ftp/security-ftp-deny-uri-exactly-data.yaml +++ b/other/data/security/ftp/security-ftp-deny-uri-exactly-data.yaml @@ -39,7 +39,7 @@ "objectList": - "addItemList": - "keywordArray": - - "$ftp://192.168.90.158/autoFtp/english.txt" + - "$ftp://192.168.40.158/autoFtp/english.txt" - "opAction": "update" "returnData": 1 @@ -81,7 +81,7 @@ "objectList": - "addItemList": - "keywordArray": - - "$ftp://192.168.90.158/autoFtp/english_big.txt" + - "$ftp://192.168.40.158/autoFtp/english_big.txt" - "opAction": "add" "returnData": 1 @@ -122,7 +122,7 @@ "objectList": - "addItemList": - "keywordArray": - - "$ftp://192.168.90.158/autoFtp/english.txt" + - "$ftp://192.168.40.158/autoFtp/english.txt" - "opAction": "add" "returnData": 1 @@ -162,4 +162,4 @@ "objectList": - "addItemList": - "keywordArray": - - "$ftp://192.168.90.158/autoFtp/english.txt" + - "$ftp://192.168.40.158/autoFtp/english.txt" diff --git a/other/data/security/ftp/security-ftp-deny-uri-prefix-data.yaml b/other/data/security/ftp/security-ftp-deny-uri-prefix-data.yaml index c104a0e..5416094 100644 --- a/other/data/security/ftp/security-ftp-deny-uri-prefix-data.yaml +++ b/other/data/security/ftp/security-ftp-deny-uri-prefix-data.yaml @@ -39,7 +39,7 @@ "objectList": - "addItemList": - "keywordArray": - - "ftp://192.168.90*" + - "ftp://192.168.*" - "opAction": "update" @@ -82,7 +82,7 @@ "objectList": - "addItemList": - "keywordArray": - - "ftp://192.168.90*" + - "ftp://192.168.40*" - "opAction": "add" "returnData": 1 @@ -123,7 +123,7 @@ "objectList": - "addItemList": - "keywordArray": - - "ftp://192.168.90*" + - "ftp://192.168.40*" - "opAction": "add" "returnData": 1 @@ -163,4 +163,4 @@ "objectList": - "addItemList": - "keywordArray": - - "ftp://192.168.90*" + - "ftp://192.168.40*" diff --git a/other/data/security/ftp/security-ftp-monitor-uri-exactly-data.yaml b/other/data/security/ftp/security-ftp-monitor-uri-exactly-data.yaml index e606cec..4a8a3b3 100644 --- a/other/data/security/ftp/security-ftp-monitor-uri-exactly-data.yaml +++ b/other/data/security/ftp/security-ftp-monitor-uri-exactly-data.yaml @@ -40,4 +40,4 @@ "objectList": - "addItemList": - "keywordArray": - - "$ftp://192.168.90.158/autoFtp/english.txt" + - "$ftp://192.168.40.158/autoFtp/english.txt" diff --git a/other/data/security/ftp/security-ftp-monitor-uri-prefix-data.yaml b/other/data/security/ftp/security-ftp-monitor-uri-prefix-data.yaml index e21dc92..28564ce 100644 --- a/other/data/security/ftp/security-ftp-monitor-uri-prefix-data.yaml +++ b/other/data/security/ftp/security-ftp-monitor-uri-prefix-data.yaml @@ -40,4 +40,4 @@ "objectList": - "addItemList": - "keywordArray": - - "ftp://192.168.90.158*" + - "ftp://192.168.40.158*" diff --git a/other/data/security/ftp/security-ftp-monitor-uri-substring-data.yaml b/other/data/security/ftp/security-ftp-monitor-uri-substring-data.yaml index 95b1cfe..3255579 100644 --- a/other/data/security/ftp/security-ftp-monitor-uri-substring-data.yaml +++ b/other/data/security/ftp/security-ftp-monitor-uri-substring-data.yaml @@ -40,5 +40,5 @@ "objectList": - "addItemList": - "keywordArray": - - "ftp://192.168.90.158" + - "ftp://192.168.40.158" |