diff options
| author | fengweihao <[email protected]> | 2024-08-16 10:32:02 +0800 |
|---|---|---|
| committer | fengweihao <[email protected]> | 2024-08-16 10:32:02 +0800 |
| commit | be7368a0cce09adaf66f3697a8c2efb05f79fcff (patch) | |
| tree | aeb2afe5c49481450272784c941fcdfbd695ed48 /test | |
| parent | 6dc39cc9223d809340ec9b99668dea79dd67baf8 (diff) | |
TSG-22199 修复tunnel调用no_logic情况下命中路径记录问题,优化Fqdn命中路径构建v4.0.26-20240816develop-3.0
Diffstat (limited to 'test')
| -rw-r--r-- | test/CMakeLists.txt | 3 | ||||
| -rw-r--r-- | test/resource/HitPolicyRequest.json | 106 | ||||
| -rw-r--r-- | test/resource/HitPolicyResult.json | 137 | ||||
| -rw-r--r-- | test/resource/VerifyPolicyManipulation.json | 175 | ||||
| -rw-r--r-- | test/resource/VerifyPolicyTunnel.json | 118 | ||||
| -rw-r--r-- | test/verify_policy_test.cpp | 48 |
6 files changed, 457 insertions, 130 deletions
diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index a717f60..751ee83 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -10,7 +10,6 @@ file(COPY ${CMAKE_SOURCE_DIR}/resource DESTINATION ${TEST_RUN_DIR}) file(COPY ${CMAKE_SOURCE_DIR}/conf DESTINATION ${TEST_RUN_DIR}) file(COPY ${CMAKE_SOURCE_DIR}/test/resource/VerifyPolicyManipulation.json DESTINATION ${TEST_RUN_DIR}/resource) -file(COPY ${CMAKE_SOURCE_DIR}/test/resource/VerifyPolicyTunnel.json DESTINATION ${TEST_RUN_DIR}/resource) file(COPY ${CMAKE_SOURCE_DIR}/test/resource/HitPolicyResult.json DESTINATION ${TEST_RUN_DIR}/resource) file(COPY ${CMAKE_SOURCE_DIR}/test/resource/HitPolicyRequest.json DESTINATION ${TEST_RUN_DIR}/resource) @@ -19,7 +18,5 @@ add_test(NAME UPDATE_LOG_LEVEL COMMAND bash -c "sed -i 's/log_level=5/log_leve add_test(NAME UPDATE_VSYS_NUM COMMAND bash -c "sed -i '32i load_vsys_num=2' ${TEST_RUN_DIR}/conf/verify_policy.conf") add_test(NAME UPDATE_START_VSYS COMMAND bash -c "sed -i '33i load_start_vsys=1' ${TEST_RUN_DIR}/conf/verify_policy.conf") add_test(NAME UPDATE_JSON_FILE COMMAND bash -c "sed -i 's/json_cfg_file=\\.\\/resource\\/verify-policy\\.json/json_cfg_file=\\.\\/resource\\/VerifyPolicyManipulation\\.json/' ${TEST_RUN_DIR}/conf/verify_policy.conf") -add_test(NAME COPY_CONF COMMAND sh -c "cp ${TEST_RUN_DIR}/conf/verify_policy.conf ${TEST_RUN_DIR}/conf/verify_policy2.conf") -add_test(NAME UPDATE_JSON_FILE2 COMMAND bash -c "sed -i 's/json_cfg_file=\\.\\/resource\\/VerifyPolicyManipulation\\.json/json_cfg_file=\\.\\/resource\\/VerifyPolicyTunnel\\.json/' ${TEST_RUN_DIR}/conf/verify_policy2.conf") add_test(NAME VERIFY_POLICY_TEST COMMAND verify_policy_test)
\ No newline at end of file diff --git a/test/resource/HitPolicyRequest.json b/test/resource/HitPolicyRequest.json index b58607e..6b28f1b 100644 --- a/test/resource/HitPolicyRequest.json +++ b/test/resource/HitPolicyRequest.json @@ -82,7 +82,7 @@ "table_name": "ATTR_TUNNEL", "attribute_name": "tunnel_endpointa", "attribute_value": { - "ip": "192.168.0.1", + "ip": "192.168.0.4", "tunnel_type":"gtp", "addr_type": 4 } @@ -107,7 +107,7 @@ "table_name": "ATTR_TUNNEL", "attribute_name": "tunnel_endpointb", "attribute_value": { - "ip": "192.168.0.2", + "ip": "192.168.0.5", "tunnel_type":"gtp", "addr_type": 4 } @@ -132,7 +132,7 @@ "table_name": "ATTR_TUNNEL", "attribute_name": "tunnel_endpointa", "attribute_value": { - "ip": "192.168.0.2", + "ip": "192.168.0.5", "tunnel_type":"gtp", "addr_type": 4 } @@ -142,7 +142,7 @@ "table_name": "ATTR_TUNNEL", "attribute_name": "tunnel_endpointb", "attribute_value": { - "ip": "192.168.0.3", + "ip": "192.168.0.6", "tunnel_type":"gtp", "addr_type": 4 } @@ -202,6 +202,104 @@ } ], "verify_type": "policy" + }, + { + "__item_id": 6, + "vsys_id": 1, + "verify_list": [ + { + "type": "pxy_manipulation", + "vsys_id": 1, + "verify_session": { + "attributes": [ + { + "attribute_type": "ip", + "table_name": "ATTR_IP_PROTOCOL", + "attribute_name": "ip_protocol", + "attribute_value": { + "addr_type": 4, + "protocol": 6 + } + }, + { + "attribute_type": "ip", + "table_name": "ATTR_TUNNEL", + "attribute_name": "tunnel_endpointa", + "attribute_value": { + "ip": "192.168.0.5", + "tunnel_type":"gtp", + "addr_type": 4 + } + }, + { + "attribute_type": "ip", + "table_name": "ATTR_TUNNEL", + "attribute_name": "tunnel_endpointb", + "attribute_value": { + "ip": "192.168.0.6", + "tunnel_type":"gtp", + "addr_type": 4 + } + }, + { + "attribute_type": "ip", + "table_name": "ATTR_SOURCE_IP", + "attribute_name": "source", + "attribute_value": { + "ip": "192.168.1.1", + "port":"8080", + "addr_type": 4 + } + } + ] + } + } + ], + "verify_type": "policy" + }, + { + "__item_id": 7, + "vsys_id": 1, + "verify_list": [ + { + "type": "pxy_manipulation", + "vsys_id": 1, + "verify_session": { + "attributes": [ + { + "attribute_type": "ip", + "table_name": "ATTR_IP_PROTOCOL", + "attribute_name": "ip_protocol", + "attribute_value": { + "addr_type": 4, + "protocol": 6 + } + }, + { + "attribute_type": "ip", + "table_name": "ATTR_TUNNEL", + "attribute_name": "tunnel_endpointa", + "attribute_value": { + "ip": "192.168.0.4", + "tunnel_type":"gtp", + "addr_type": 4 + } + }, + { + "attribute_type": "ip", + "table_name": "ATTR_TUNNEL", + "attribute_name": "tunnel_endpointb", + "attribute_value": { + "ip": "192.168.0.6", + "tunnel_type":"gtp", + "addr_type": 4 + } + } + ] + } + } + ], + "verify_type": "policy" } ] }
\ No newline at end of file diff --git a/test/resource/HitPolicyResult.json b/test/resource/HitPolicyResult.json index a617203..bd72357 100644 --- a/test/resource/HitPolicyResult.json +++ b/test/resource/HitPolicyResult.json @@ -349,6 +349,143 @@ } }, "success": true + }, + { + "code": 200, + "msg": "Success", + "data": { + "hitPolicyList": [ + { + "id": 1026, + "policyName": "", + "is_execute_policy": true, + "top_object_list": [ + { + "object_id": 3022, + "table_name": "ATTR_TUNNEL", + "not_flag": 0, + "nth_clause": 0 + } + ] + }, + { + "id": 1025, + "policyName": "", + "is_execute_policy": false, + "top_object_list": [ + { + "object_id": 3023, + "table_name": "ATTR_TUNNEL", + "not_flag": 0, + "nth_clause": 0 + } + ] + } + ], + "verify_session": { + "attributes": [ + { + "attribute_type": "ip", + "table_name": "ATTR_IP_PROTOCOL", + "attribute_name": "ip_protocol", + "attribute_value": { + "addr_type": 4, + "protocol": 6 + }, + "hit_paths": [ + { + "item_id": 0, + "superior_object_id": 6 + } + ] + }, + { + "attribute_type": "ip", + "table_name": "ATTR_TUNNEL", + "attribute_name": "tunnel_endpoint_object", + "hit_paths": [ + { + "item_id": 0, + "superior_object_id": 3022 + }, + { + "item_id": 0, + "superior_object_id": 3023 + } + ] + }, + { + "attribute_type": "ip", + "table_name": "ATTR_SOURCE_IP", + "attribute_name": "source", + "attribute_value": { + "ip": "192.168.1.1", + "port": "8080", + "addr_type": 4 + }, + "hit_paths": [ + { + "entry_id": 1, + "tag_id": 11 + } + ] + } + ] + } + }, + "success": true + }, + { + "code": 200, + "msg": "Success", + "data": { + "hitPolicyList": [ + { + "id": 1027, + "policyName": "", + "is_execute_policy": true, + "top_object_list": [ + { + "object_id": 3022, + "table_name": "ATTR_TUNNEL", + "not_flag": 1, + "nth_clause": 0 + } + ] + } + ], + "verify_session": { + "attributes": [ + { + "attribute_type": "ip", + "table_name": "ATTR_IP_PROTOCOL", + "attribute_name": "ip_protocol", + "attribute_value": { + "addr_type": 4, + "protocol": 6 + }, + "hit_paths": [ + { + "item_id": 0, + "superior_object_id": 6 + } + ] + }, + { + "attribute_type": "ip", + "table_name": "ATTR_TUNNEL", + "attribute_name": "tunnel_endpoint_object", + "hit_paths": [ + { + "item_id": 0, + "superior_object_id": 3021 + } + ] + } + ] + } + }, + "success": true } ] }
\ No newline at end of file diff --git a/test/resource/VerifyPolicyManipulation.json b/test/resource/VerifyPolicyManipulation.json index fa7dd51..c51c220 100644 --- a/test/resource/VerifyPolicyManipulation.json +++ b/test/resource/VerifyPolicyManipulation.json @@ -175,6 +175,181 @@ "virtual_table":"ATTR_SSL_SAN" } ] + }, + { + "compile_id": 3021, + "service": 13, + "action": 1, + "do_blacklist": 0, + "do_log": 1, + "tags": "{}", + "user_region": "anything", + "evaluation_order": "0.0", + "compile_table_name": "TUNNEL_COMPILE", + "is_valid": "yes", + "groups": [ + { + "not_flag": 0, + "group_id": 248, + "group_name": "TunnelIpv4TCPSoureVeiryPolicy01", + "virtual_table": "ATTR_TUNNEL_GTP_ENDPOINT", + "g2c_table_name": "GROUP_TUNNEL_COMPILE_RELATION", + "regions": [ + { + "table_name": "TSG_OBJ_IP_ADDR", + "table_type": "ip", + "table_content": { + "addr_type": "ipv4", + "addr_format": "range", + "ip1": "192.168.0.4", + "ip2": "192.168.0.4" + } + } + ] + } + ] + }, + { + "compile_id": 3022, + "service": 13, + "action": 1, + "do_blacklist": 0, + "do_log": 1, + "tags": "{}", + "user_region": "anything", + "evaluation_order": "0.0", + "compile_table_name": "TUNNEL_COMPILE", + "is_valid": "yes", + "groups": [ + { + "not_flag": 0, + "group_id": 2, + "group_name": "TunnelIpv4TCPSoureVeiryPolicy02", + "virtual_table": "ATTR_TUNNEL_GTP_ENDPOINT", + "g2c_table_name": "GROUP_TUNNEL_COMPILE_RELATION", + "regions": [ + { + "table_name": "TSG_OBJ_IP_ADDR", + "table_type": "ip", + "table_content": { + "addr_type": "ipv4", + "addr_format": "range", + "ip1": "192.168.0.5", + "ip2": "192.168.0.5" + } + } + ] + } + ] + }, + { + "compile_id": 3023, + "service": 13, + "action": 1, + "do_blacklist": 0, + "do_log": 1, + "tags": "{}", + "user_region": "anything", + "evaluation_order": "0.0", + "compile_table_name": "TUNNEL_COMPILE", + "is_valid": "yes", + "groups": [ + { + "not_flag": 0, + "group_id": 3, + "group_name": "TunnelIpv4TCPSoureVeiryPolicy03", + "virtual_table": "ATTR_TUNNEL_GTP_ENDPOINT", + "g2c_table_name": "GROUP_TUNNEL_COMPILE_RELATION", + "regions": [ + { + "table_name": "TSG_OBJ_IP_ADDR", + "table_type": "ip", + "table_content": { + "addr_type": "ipv4", + "addr_format": "range", + "ip1": "192.168.0.5", + "ip2": "192.168.0.5" + } + } + ] + }, + { + "not_flag": 0, + "group_id": 4, + "group_name": "TunnelIpv4TCPSoureVeiryPolicy04", + "virtual_table": "ATTR_TUNNEL_GTP_ENDPOINT", + "g2c_table_name": "GROUP_TUNNEL_COMPILE_RELATION", + "regions": [ + { + "table_name": "TSG_OBJ_IP_ADDR", + "table_type": "ip", + "table_content": { + "addr_type": "ipv4", + "addr_format": "range", + "ip1": "192.168.0.6", + "ip2": "192.168.0.6" + } + } + ] + } + ] + }, + { + "compile_id": 1025, + "service": 1, + "action": 48, + "do_blacklist": 1, + "do_log": 1, + "effective_range": 0, + "tags":"anything", + "user_region": "anything", + "is_valid": "yes", + "groups": [ + { + "not_flag":0, + "group_id": 3023, + "group_name":"TunnelEndpointVeiryPolicy01", + "virtual_table":"ATTR_TUNNEL" + } + ] + }, + { + "compile_id": 1026, + "service": 1, + "action": 48, + "do_blacklist": 1, + "do_log": 1, + "effective_range": 0, + "tags":"anything", + "user_region": "anything", + "is_valid": "yes", + "groups": [ + { + "not_flag":0, + "group_id": 3022, + "group_name":"TunnelEndpointVeiryPolicy03", + "virtual_table":"ATTR_TUNNEL" + } + ] + }, + { + "compile_id": 1027, + "service": 1, + "action": 48, + "do_blacklist": 1, + "do_log": 1, + "effective_range": 0, + "tags":"anything", + "user_region": "anything", + "is_valid": "yes", + "groups": [ + { + "not_flag":1, + "group_id": 3022, + "group_name":"TunnelEndpointVeiryPolicy03", + "virtual_table":"ATTR_TUNNEL" + } + ] } ], "plugin_table": [ diff --git a/test/resource/VerifyPolicyTunnel.json b/test/resource/VerifyPolicyTunnel.json deleted file mode 100644 index f7b697f..0000000 --- a/test/resource/VerifyPolicyTunnel.json +++ /dev/null @@ -1,118 +0,0 @@ -{ - "compile_table": "TUNNEL_COMPILE", - "group2compile_table": "GROUP_TUNNEL_COMPILE_RELATION", - "group2group_table": "GROUP_GROUP_RELATION", - "rules": [ - { - "compile_id": 3021, - "service": 13, - "action": 1, - "do_blacklist": 0, - "do_log": 1, - "tags": "{}", - "user_region": "anything", - "evaluation_order": "0.0", - "is_valid": "yes", - "groups": [ - { - "not_flag": 0, - "group_id": 1, - "group_name": "TunnelIpv4TCPSoureVeiryPolicy01", - "virtual_table": "ATTR_TUNNEL_GTP_ENDPOINT", - "regions": [ - { - "table_name": "TSG_OBJ_IP_ADDR", - "table_type": "ip", - "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "192.168.0.1", - "ip2": "192.168.0.1" - } - } - ] - } - ] - }, - { - "compile_id": 3022, - "service": 13, - "action": 1, - "do_blacklist": 0, - "do_log": 1, - "tags": "{}", - "user_region": "anything", - "evaluation_order": "0.0", - "is_valid": "yes", - "groups": [ - { - "not_flag": 0, - "group_id": 2, - "group_name": "TunnelIpv4TCPSoureVeiryPolicy02", - "virtual_table": "ATTR_TUNNEL_GTP_ENDPOINT", - "regions": [ - { - "table_name": "TSG_OBJ_IP_ADDR", - "table_type": "ip", - "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "192.168.0.2", - "ip2": "192.168.0.2" - } - } - ] - } - ] - }, - { - "compile_id": 3023, - "service": 13, - "action": 1, - "do_blacklist": 0, - "do_log": 1, - "tags": "{}", - "user_region": "anything", - "evaluation_order": "0.0", - "is_valid": "yes", - "groups": [ - { - "not_flag": 0, - "group_id": 3, - "group_name": "TunnelIpv4TCPSoureVeiryPolicy03", - "virtual_table": "ATTR_TUNNEL_GTP_ENDPOINT", - "regions": [ - { - "table_name": "TSG_OBJ_IP_ADDR", - "table_type": "ip", - "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "192.168.0.2", - "ip2": "192.168.0.2" - } - } - ] - }, - { - "not_flag": 0, - "group_id": 4, - "group_name": "TunnelIpv4TCPSoureVeiryPolicy04", - "virtual_table": "ATTR_TUNNEL_GTP_ENDPOINT", - "regions": [ - { - "table_name": "TSG_OBJ_IP_ADDR", - "table_type": "ip", - "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "192.168.0.3", - "ip2": "192.168.0.3" - } - } - ] - } - ] - } - ] -} diff --git a/test/verify_policy_test.cpp b/test/verify_policy_test.cpp index e109183..446c70c 100644 --- a/test/verify_policy_test.cpp +++ b/test/verify_policy_test.cpp @@ -299,17 +299,55 @@ TEST(VerifyPolicy, HitMultiplePolicy) FREE(&hit_policy_result); } -static void reload_maat_config(const char * main_profile) +TEST(VerifyPolicy, HitTunnelEndpointaPolicy_1025) { - verify_policy_table_free(main_profile); - int ret = verify_policy_table_init(g_verify_proxy, main_profile); - CHECK_OR_EXIT(ret == 0, "Failed at init maat module, Exit."); + char *hit_policy_request = select_hit_policy_request_item(6); + ASSERT_TRUE(hit_policy_request != NULL); + char *hit_policy_result = select_hit_policy_result_item(6); + ASSERT_TRUE(hit_policy_result != NULL); + + cJSON *result_json = get_verify_policy_query(hit_policy_request, strlen(hit_policy_request), 1); + ASSERT_TRUE(result_json != NULL); + + char *hit_policy_query = cJSON_PrintUnformatted(result_json); + ASSERT_TRUE(hit_policy_query != NULL); + + int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result)); + EXPECT_EQ(equal, 0); + + cJSON_Delete(result_json); + FREE(&hit_policy_query); + FREE(&hit_policy_request); + FREE(&hit_policy_result); +} + +TEST(VerifyPolicy, HitTunnelEndpointaPolicy_1027) +{ + char *hit_policy_request = select_hit_policy_request_item(7); + ASSERT_TRUE(hit_policy_request != NULL); + char *hit_policy_result = select_hit_policy_result_item(7); + ASSERT_TRUE(hit_policy_result != NULL); + + cJSON *result_json = get_verify_policy_query(hit_policy_request, strlen(hit_policy_request), 1); + ASSERT_TRUE(result_json != NULL); + + char *hit_policy_query = cJSON_PrintUnformatted(result_json); + ASSERT_TRUE(hit_policy_query != NULL); + + printf("hit_policy_query = %s\n", hit_policy_query); + + int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result)); + EXPECT_EQ(equal, 0); + + cJSON_Delete(result_json); + FREE(&hit_policy_query); + FREE(&hit_policy_request); + FREE(&hit_policy_result); } /*Tunnel Endpoint Policy Test**/ TEST(VerifyPolicy, HitTunnelEndpointaPolicy) { - reload_maat_config("./conf/verify_policy2.conf"); char *hit_policy_request = select_hit_policy_request_item(2); ASSERT_TRUE(hit_policy_request != NULL); char *hit_policy_result = select_hit_policy_result_item(2); |