diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/CMakeLists.txt | 4 | ||||
| -rw-r--r-- | test/resource/HitPolicyRequest.json | 185 | ||||
| -rw-r--r-- | test/resource/HitPolicyResult.json | 207 | ||||
| -rw-r--r-- | test/resource/VerifyPolicyManipulation.json | 41 | ||||
| -rw-r--r-- | test/verify_policy_test.cpp | 99 |
5 files changed, 321 insertions, 215 deletions
diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 90c98df..e60c03f 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -15,8 +15,8 @@ file(COPY ${CMAKE_SOURCE_DIR}/test/resource/HitPolicyRequest.json DESTINATION ${ add_test(NAME UPDATE_MAAT_MODE COMMAND bash -c "sed -i 's/maat_input_mode=1/maat_input_mode=0/' ${TEST_RUN_DIR}/conf/verify_policy.conf") add_test(NAME UPDATE_LOG_LEVEL COMMAND bash -c "sed -i 's/log_level=5/log_level=1/' ${TEST_RUN_DIR}/conf/verify_policy.conf") -add_test(NAME UPDATE_VSYS_NUM COMMAND bash -c "sed -i '32i load_vsys_num=2' ${TEST_RUN_DIR}/conf/verify_policy.conf") -add_test(NAME UPDATE_START_VSYS COMMAND bash -c "sed -i '33i load_start_vsys=1' ${TEST_RUN_DIR}/conf/verify_policy.conf") +add_test(NAME UPDATE_VSYS_NUM COMMAND bash -c "sed -i '30i load_vsys_num=2' ${TEST_RUN_DIR}/conf/verify_policy.conf") +add_test(NAME UPDATE_START_VSYS COMMAND bash -c "sed -i '31i load_start_vsys=1' ${TEST_RUN_DIR}/conf/verify_policy.conf") add_test(NAME UPDATE_JSON_FILE COMMAND bash -c "sed -i 's/json_cfg_file=\\.\\/resource\\/verify-policy\\.json/json_cfg_file=\\.\\/resource\\/VerifyPolicyManipulation\\.json/' ${TEST_RUN_DIR}/conf/verify_policy.conf") add_test(NAME VERIFY_POLICY_TEST COMMAND verify_policy_test)
\ No newline at end of file diff --git a/test/resource/HitPolicyRequest.json b/test/resource/HitPolicyRequest.json index 4085387..8cdbd8b 100644 --- a/test/resource/HitPolicyRequest.json +++ b/test/resource/HitPolicyRequest.json @@ -2,17 +2,15 @@ "Verify_Policy_Request": [ { "__item_id": 0, - "vsys_id": 1, + "vsys": 1, "verify_list": [ { "type": "pxy_manipulation", - "vsys_id": 1, "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_SOURCE_IP", - "attribute_name": "source", + "attribute_value_type": "ip", + "attribute_name": "ATTR_SOURCE_IP", "attribute_value": { "ip": "192.168.0.1", "port":"8080", @@ -27,17 +25,15 @@ }, { "__item_id": 1, - "vsys_id": 1, + "vsys": 1, "verify_list": [ { "type": "pxy_manipulation", - "vsys_id": 1, "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_SOURCE_IP", - "attribute_name": "source", + "attribute_value_type": "ip", + "attribute_name": "ATTR_SOURCE_IP", "attribute_value": { "ip": "192.168.1.1", "port":"8080", @@ -45,9 +41,8 @@ } }, { - "attribute_type": "ip", - "table_name": "ATTR_INTERNAL_IP", - "attribute_name": "internal", + "attribute_value_type": "ip", + "attribute_name": "ATTR_INTERNAL_IP", "attribute_value": { "ip": "192.168.1.2", "port": "80", @@ -55,9 +50,8 @@ } }, { - "attribute_type": "string", - "table_name": "ATTR_SERVER_FQDN", - "attribute_name": "server_fqdn", + "attribute_value_type": "string", + "attribute_name": "ATTR_SERVER_FQDN", "attribute_value": { "string": "www.126.com" } @@ -70,7 +64,7 @@ }, { "__item_id": 2, - "vsys_id": 1, + "vsys": 1, "verify_list": [ { "type": "security", @@ -78,9 +72,8 @@ "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_TUNNEL", - "attribute_name": "tunnel_endpointa", + "attribute_value_type": "ip", + "attribute_name": "ATTR_TUNNEL", "attribute_value": { "ip": "192.168.0.4", "port":80, @@ -96,17 +89,15 @@ }, { "__item_id": 3, - "vsys_id": 1, + "vsys": 1, "verify_list": [ { "type": "security", - "vsys_id": 1, "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_TUNNEL", - "attribute_name": "tunnel_endpointb", + "attribute_value_type": "ip", + "attribute_name": "ATTR_TUNNEL", "attribute_value": { "ip": "192.168.0.5", "tunnel_type":"gtp", @@ -121,17 +112,15 @@ }, { "__item_id": 4, - "vsys_id": 1, + "vsys": 1, "verify_list": [ { "type": "security", - "vsys_id": 1, "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_TUNNEL", - "attribute_name": "tunnel_endpointa", + "attribute_value_type": "ip", + "attribute_name": "ATTR_TUNNEL", "attribute_value": { "ip": "192.168.0.5", "tunnel_type":"gtp", @@ -139,9 +128,8 @@ } }, { - "attribute_type": "ip", - "table_name": "ATTR_TUNNEL", - "attribute_name": "tunnel_endpointb", + "attribute_value_type": "ip", + "attribute_name": "ATTR_TUNNEL", "attribute_value": { "ip": "192.168.0.6", "tunnel_type":"gtp", @@ -156,17 +144,15 @@ }, { "__item_id": 5, - "vsys_id": 1, + "vsys": 1, "verify_list": [ { "type": "pxy_manipulation", - "vsys_id": 1, "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_SOURCE_IP", - "attribute_name": "source", + "attribute_value_type": "ip", + "attribute_name": "ATTR_SOURCE_IP", "attribute_value": { "ip": "192.168.0.2", "port": "80", @@ -174,9 +160,8 @@ } }, { - "attribute_type": "ip", - "table_name": "ATTR_DESTINATION_IP", - "attribute_name": "destination", + "attribute_value_type": "ip", + "attribute_name": "ATTR_DESTINATION_IP", "attribute_value": { "ip": "192.168.0.3", "port": "80", @@ -184,17 +169,15 @@ } }, { - "attribute_type": "string", - "table_name": "ATTR_SERVER_FQDN", - "attribute_name": "server_fqdn", + "attribute_value_type": "string", + "attribute_name": "ATTR_SERVER_FQDN", "attribute_value": { "string": "www.baidu.com" } }, { - "attribute_type": "string", - "table_name": "ATTR_SSL_SAN", - "attribute_name": "ssl_san", + "attribute_value_type": "string", + "attribute_name": "ATTR_SSL_SAN", "attribute_value": { "string": "www.baidu.com" } @@ -207,26 +190,23 @@ }, { "__item_id": 6, - "vsys_id": 1, + "vsys": 1, "verify_list": [ { "type": "pxy_manipulation", - "vsys_id": 1, "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_IP_PROTOCOL", - "attribute_name": "ip_protocol", + "attribute_value_type": "ip", + "attribute_name": "ATTR_IP_PROTOCOL", "attribute_value": { "addr_type": 4, "protocol": 6 } }, { - "attribute_type": "ip", - "table_name": "ATTR_TUNNEL", - "attribute_name": "tunnel_endpointa", + "attribute_value_type": "ip", + "attribute_name": "ATTR_TUNNEL", "attribute_value": { "ip": "192.168.0.5", "tunnel_type":"gtp", @@ -234,9 +214,8 @@ } }, { - "attribute_type": "ip", - "table_name": "ATTR_TUNNEL", - "attribute_name": "tunnel_endpointb", + "attribute_value_type": "ip", + "attribute_name": "ATTR_TUNNEL", "attribute_value": { "ip": "192.168.0.6", "tunnel_type":"gtp", @@ -244,9 +223,8 @@ } }, { - "attribute_type": "ip", - "table_name": "ATTR_SOURCE_IP", - "attribute_name": "source", + "attribute_value_type": "ip", + "attribute_name": "ATTR_SOURCE_IP", "attribute_value": { "ip": "192.168.1.1", "port":"8080", @@ -261,26 +239,23 @@ }, { "__item_id": 7, - "vsys_id": 1, + "vsys": 1, "verify_list": [ { "type": "pxy_manipulation", - "vsys_id": 1, "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_IP_PROTOCOL", - "attribute_name": "ip_protocol", + "attribute_value_type": "ip", + "attribute_name": "ATTR_IP_PROTOCOL", "attribute_value": { "addr_type": 4, "protocol": 6 } }, { - "attribute_type": "ip", - "table_name": "ATTR_TUNNEL", - "attribute_name": "tunnel_endpointa", + "attribute_value_type": "ip", + "attribute_name": "ATTR_TUNNEL", "attribute_value": { "ip": "192.168.0.4", "tunnel_type":"gtp", @@ -288,9 +263,8 @@ } }, { - "attribute_type": "ip", - "table_name": "ATTR_TUNNEL", - "attribute_name": "tunnel_endpointb", + "attribute_value_type": "ip", + "attribute_name": "ATTR_TUNNEL", "attribute_value": { "ip": "192.168.0.6", "tunnel_type":"gtp", @@ -305,17 +279,15 @@ }, { "__item_id": 8, - "vsys_id": 1, + "vsys": 1, "verify_list": [ { "type": "pxy_manipulation", - "vsys_id": 1, "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_SOURCE_IP", - "attribute_name": "source", + "attribute_value_type": "ip", + "attribute_name": "ATTR_SOURCE_IP", "attribute_value": { "ip": "192.168.55.4", "port": "80", @@ -323,59 +295,52 @@ } }, { - "attribute_type": "ip", - "table_name": "ATTR_IP_PROTOCOL", - "attribute_name": "ip_protocol", + "attribute_value_type": "ip", + "attribute_name": "ATTR_IP_PROTOCOL", "attribute_value": { "addr_type": 4, "protocol": 6 } }, { - "attribute_type": "port", - "table_name": "ATTR_SOURCE_PORT", - "attribute_name": "source", + "attribute_value_type": "port", + "attribute_name": "ATTR_SOURCE_PORT", "attribute_value": { "port": "80" } }, { - "attribute_type": "numeric", - "table_name": "ATTR_APP_ID", - "attribute_name": "app_id", + "attribute_value_type": "numeric", + "attribute_name": "ATTR_APP_ID", "attribute_value": { "numeric": 67 } }, { - "attribute_type": "string", - "table_name": "ATTR_HTTP_REQ_HDR", - "attribute_name": "req_hdr", + "attribute_value_type": "string", + "attribute_name": "ATTR_HTTP_REQ_HDR", "attribute_value": { "district":"User-Agent", "string":"test" } }, { - "attribute_type": "string", - "table_name": "ATTR_TUNNEL_LEVEL", - "attribute_name": "tunnel_level", + "attribute_value_type": "string", + "attribute_name": "ATTR_TUNNEL_LEVEL", "attribute_value": { "numeric": 60 } }, { - "attribute_type": "flag", - "table_name": "ATTR_FLAG", - "attribute_name": "flag", + "attribute_value_type": "flag", + "attribute_name": "ATTR_FLAG", "attribute_value": { "numeric": 15 } }, { - "attribute_type": "boolean", - "table_name": "ATTR_SSL_ECH", - "attribute_name": "esni", + "attribute_value_type": "boolean", + "attribute_name": "ATTR_SSL_ECH", "attribute_value": { "numeric": 1 } @@ -385,6 +350,30 @@ } ], "verify_type": "policy" + }, + { + "__item_id": 9, + "vsys": 1, + "verify_list": [ + { + "type": "pxy_manipulation", + "vsys": 1, + "verify_session": { + "attributes": [ + { + "attribute_value_type": "ip", + "attribute_name": "ATTR_SOURCE_IP", + "attribute_value": { + "ip": "192.168.2.1", + "port":"8080", + "addr_type": 4 + } + } + ] + } + } + ], + "verify_type": "policy" } ] }
\ No newline at end of file diff --git a/test/resource/HitPolicyResult.json b/test/resource/HitPolicyResult.json index ce6f681..323aa7a 100644 --- a/test/resource/HitPolicyResult.json +++ b/test/resource/HitPolicyResult.json @@ -1,6 +1,7 @@ { "Verify_Policy_Result": [ { + "__item_id": 0, "code": 200, "msg": "Success", "data": { @@ -12,7 +13,7 @@ "top_object_list": [ { "object_uuid": "00005000-0000-0000-0000-000000000000", - "table_name": "ATTR_SOURCE_IP", + "attribute_name": "ATTR_SOURCE_IP", "negate_option": 0, "condition_index": 0 } @@ -22,9 +23,8 @@ "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_SOURCE_IP", - "attribute_name": "source", + "attribute_value_type": "ip", + "attribute_name": "ATTR_SOURCE_IP", "attribute_value": { "ip": "192.168.0.1", "port": "8080", @@ -43,6 +43,7 @@ "success": true }, { + "__item_id": 1, "code": 200, "msg": "Success", "data": { @@ -54,19 +55,19 @@ "top_object_list": [ { "tag_uuid": "00000011-0000-0000-0000-000000000000", - "table_name": "ATTR_SOURCE_IP", + "attribute_name": "ATTR_SOURCE_IP", "negate_option": 0, "condition_index": 0 }, { "tag_uuid": "00000012-0000-0000-0000-000000000000", - "table_name": "ATTR_INTERNAL_IP", + "attribute_name": "ATTR_INTERNAL_IP", "negate_option": 0, "condition_index": 1 }, { "tag_uuid": "00000001-0000-0000-0000-000000000000", - "table_name": "ATTR_SERVER_FQDN", + "attribute_name": "ATTR_SERVER_FQDN", "negate_option": 0, "condition_index": 2 } @@ -76,9 +77,8 @@ "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_SOURCE_IP", - "attribute_name": "source", + "attribute_value_type": "ip", + "attribute_name": "ATTR_SOURCE_IP", "attribute_value": { "ip": "192.168.1.1", "port": "8080", @@ -92,9 +92,8 @@ ] }, { - "attribute_type": "ip", - "table_name": "ATTR_INTERNAL_IP", - "attribute_name": "internal", + "attribute_value_type": "ip", + "attribute_name": "ATTR_INTERNAL_IP", "attribute_value": { "ip": "192.168.1.2", "port": "80", @@ -112,9 +111,8 @@ ] }, { - "attribute_type": "string", - "table_name": "ATTR_SERVER_FQDN", - "attribute_name": "server_fqdn", + "attribute_value_type": "string", + "attribute_name": "ATTR_SERVER_FQDN", "attribute_value": { "string": "www.126.com" }, @@ -131,13 +129,13 @@ "success": true }, { + "__item_id": 2, "code": 200, "msg": "Success", "data": { "verify_session": { "attributes": [{ - "attribute_type": "ip", - "table_name": "ATTR_TUNNEL", + "attribute_value_type": "ip", "attribute_name": "tunnel_endpoint_object", "hit_paths": [{ "item_uuid": "00000000-0000-0000-0000-000000000000", @@ -149,14 +147,14 @@ "success": true }, { + "__item_id": 3, "code": 200, "msg": "Success", "data": { "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_TUNNEL", + "attribute_value_type": "ip", "attribute_name": "tunnel_endpoint_object", "hit_paths": [ { @@ -171,14 +169,14 @@ "success": true }, { + "__item_id": 4, "code": 200, "msg": "Success", "data": { "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_TUNNEL", + "attribute_value_type": "ip", "attribute_name": "tunnel_endpoint_object", "hit_paths": [ { @@ -197,6 +195,7 @@ "success": true }, { + "__item_id": 5, "code": 200, "msg": "Success", "data": { @@ -208,25 +207,25 @@ "top_object_list": [ { "object_uuid": "00005001-0000-0000-0000-000000000000", - "table_name": "ATTR_SOURCE_IP", + "attribute_name": "ATTR_SOURCE_IP", "negate_option": 0, "condition_index": 0 }, { "object_uuid": "00005002-0000-0000-0000-000000000000", - "table_name": "ATTR_DESTINATION_IP", + "attribute_name": "ATTR_DESTINATION_IP", "negate_option": 0, "condition_index": 1 }, { "object_uuid": "00005003-0000-0000-0000-000000000000", - "table_name": "ATTR_SERVER_FQDN", + "attribute_name": "ATTR_SERVER_FQDN", "negate_option": 0, "condition_index": 2 }, { "object_uuid": "00005004-0000-0000-0000-000000000000", - "table_name": "ATTR_SSL_SAN", + "attribute_name": "ATTR_SSL_SAN", "negate_option": 0, "condition_index": 3 } @@ -239,25 +238,25 @@ "top_object_list": [ { "object_uuid": "00005001-0000-0000-0000-000000000000", - "table_name": "ATTR_SOURCE_IP", + "attribute_name": "ATTR_SOURCE_IP", "negate_option": 0, "condition_index": 0 }, { "object_uuid": "00005002-0000-0000-0000-000000000000", - "table_name": "ATTR_DESTINATION_IP", + "attribute_name": "ATTR_DESTINATION_IP", "negate_option": 0, "condition_index": 1 }, { "object_uuid": "00005003-0000-0000-0000-000000000000", - "table_name": "ATTR_SERVER_FQDN", + "attribute_name": "ATTR_SERVER_FQDN", "negate_option": 0, "condition_index": 2 }, { "object_uuid": "00005004-0000-0000-0000-000000000000", - "table_name": "ATTR_SSL_SAN", + "attribute_name": "ATTR_SSL_SAN", "negate_option": 0, "condition_index": 3 } @@ -267,9 +266,8 @@ "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_SOURCE_IP", - "attribute_name": "source", + "attribute_value_type": "ip", + "attribute_name": "ATTR_SOURCE_IP", "attribute_value": { "ip": "192.168.0.2", "port": "80", @@ -283,9 +281,8 @@ ] }, { - "attribute_type": "ip", - "table_name": "ATTR_DESTINATION_IP", - "attribute_name": "destination", + "attribute_value_type": "ip", + "attribute_name": "ATTR_DESTINATION_IP", "attribute_value": { "ip": "192.168.0.3", "port": "80", @@ -299,9 +296,8 @@ ] }, { - "attribute_type": "string", - "table_name": "ATTR_SERVER_FQDN", - "attribute_name": "server_fqdn", + "attribute_value_type": "string", + "attribute_name": "ATTR_SERVER_FQDN", "attribute_value": { "string": "www.baidu.com" }, @@ -325,9 +321,8 @@ ] }, { - "attribute_type": "string", - "table_name": "ATTR_SSL_SAN", - "attribute_name": "ssl_san", + "attribute_value_type": "string", + "attribute_name": "ATTR_SSL_SAN", "attribute_value": { "string": "www.baidu.com" }, @@ -356,6 +351,7 @@ "success": true }, { + "__item_id": 6, "code": 200, "msg": "Success", "data": { @@ -367,7 +363,7 @@ "top_object_list": [ { "object_uuid": "00003022-0000-0000-0000-000000000000", - "table_name": "ATTR_TUNNEL", + "attribute_name": "ATTR_TUNNEL", "negate_option": 0, "condition_index": 0 } @@ -380,7 +376,7 @@ "top_object_list": [ { "object_uuid": "00003023-0000-0000-0000-000000000000", - "table_name": "ATTR_TUNNEL", + "attribute_name": "ATTR_TUNNEL", "negate_option": 0, "condition_index": 0 } @@ -390,9 +386,8 @@ "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_IP_PROTOCOL", - "attribute_name": "ip_protocol", + "attribute_value_type": "ip", + "attribute_name": "ATTR_IP_PROTOCOL", "attribute_value": { "addr_type": 4, "protocol": 6 @@ -405,8 +400,7 @@ ] }, { - "attribute_type": "ip", - "table_name": "ATTR_TUNNEL", + "attribute_value_type": "ip", "attribute_name": "tunnel_endpoint_object", "hit_paths": [ { @@ -420,9 +414,8 @@ ] }, { - "attribute_type": "ip", - "table_name": "ATTR_SOURCE_IP", - "attribute_name": "source", + "attribute_value_type": "ip", + "attribute_name": "ATTR_SOURCE_IP", "attribute_value": { "ip": "192.168.1.1", "port": "8080", @@ -441,6 +434,7 @@ "success": true }, { + "__item_id": 7, "code": 200, "msg": "Success", "data": { @@ -452,7 +446,7 @@ "top_object_list": [ { "object_uuid": "00003022-0000-0000-0000-000000000000", - "table_name": "ATTR_TUNNEL", + "attribute_name": "ATTR_TUNNEL", "negate_option": 1, "condition_index": 0 } @@ -462,9 +456,8 @@ "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_IP_PROTOCOL", - "attribute_name": "ip_protocol", + "attribute_value_type": "ip", + "attribute_name": "ATTR_IP_PROTOCOL", "attribute_value": { "addr_type": 4, "protocol": 6 @@ -477,8 +470,7 @@ ] }, { - "attribute_type": "ip", - "table_name": "ATTR_TUNNEL", + "attribute_value_type": "ip", "attribute_name": "tunnel_endpoint_object", "hit_paths": [ { @@ -497,6 +489,7 @@ "success": true }, { + "__item_id": 8, "code": 200, "msg": "Success", "data": { @@ -508,49 +501,49 @@ "top_object_list": [ { "object_uuid": "00500100-0000-0000-0000-000000000000", - "table_name": "ATTR_SOURCE_IP", + "attribute_name": "ATTR_SOURCE_IP", "negate_option": 0, "condition_index": 0 }, { "object_uuid": "00000000-0000-0000-0000-000000000006", - "table_name": "ATTR_IP_PROTOCOL", + "attribute_name": "ATTR_IP_PROTOCOL", "negate_option": 0, "condition_index": 3 }, { "object_uuid": "00500200-0000-0000-0000-000000000000", - "table_name": "ATTR_SOURCE_PORT", + "attribute_name": "ATTR_SOURCE_PORT", "negate_option": 0, "condition_index": 4 }, { "object_uuid": "00000201-0000-0000-0000-000000000000", - "table_name": "ATTR_APP_ID", + "attribute_name": "ATTR_APP_ID", "negate_option": 0, "condition_index": 1 }, { "object_uuid": "00000000-0000-0000-0000-000000001000", - "table_name": "ATTR_HTTP_REQ_HDR", + "attribute_name": "ATTR_HTTP_REQ_HDR", "negate_option": 0, "condition_index": 2 }, { "object_uuid": "00000000-0000-0000-0000-000000000050", - "table_name": "ATTR_TUNNEL_LEVEL", + "attribute_name": "ATTR_TUNNEL_LEVEL", "negate_option": 0, "condition_index": 5 }, { "object_uuid": "00500300-0000-0000-0000-000000000000", - "table_name": "ATTR_FLAG", + "attribute_name": "ATTR_FLAG", "negate_option": 0, "condition_index": 6 }, { "object_uuid": "00000000-0000-0000-0000-000000000002", - "table_name": "ATTR_SSL_ECH", + "attribute_name": "ATTR_SSL_ECH", "negate_option": 0, "condition_index": 7 } @@ -560,9 +553,8 @@ "verify_session": { "attributes": [ { - "attribute_type": "ip", - "table_name": "ATTR_SOURCE_IP", - "attribute_name": "source", + "attribute_value_type": "ip", + "attribute_name": "ATTR_SOURCE_IP", "attribute_value": { "ip": "192.168.55.4", "port": "80", @@ -576,9 +568,8 @@ ] }, { - "attribute_type": "ip", - "table_name": "ATTR_IP_PROTOCOL", - "attribute_name": "ip_protocol", + "attribute_value_type": "ip", + "attribute_name": "ATTR_IP_PROTOCOL", "attribute_value": { "addr_type": 4, "protocol": 6 @@ -591,9 +582,8 @@ ] }, { - "attribute_type": "port", - "table_name": "ATTR_SOURCE_PORT", - "attribute_name": "source", + "attribute_value_type": "port", + "attribute_name": "ATTR_SOURCE_PORT", "attribute_value": { "port": "80" }, @@ -605,9 +595,8 @@ ] }, { - "attribute_type": "numeric", - "table_name": "ATTR_APP_ID", - "attribute_name": "app_id", + "attribute_value_type": "numeric", + "attribute_name": "ATTR_APP_ID", "attribute_value": { "numeric": 67 }, @@ -619,9 +608,8 @@ ] }, { - "attribute_type": "string", - "table_name": "ATTR_HTTP_REQ_HDR", - "attribute_name": "req_hdr", + "attribute_value_type": "string", + "attribute_name": "ATTR_HTTP_REQ_HDR", "attribute_value": { "district": "User-Agent", "string": "test" @@ -634,9 +622,8 @@ ] }, { - "attribute_type": "string", - "table_name": "ATTR_TUNNEL_LEVEL", - "attribute_name": "tunnel_level", + "attribute_value_type": "string", + "attribute_name": "ATTR_TUNNEL_LEVEL", "attribute_value": { "numeric": 60 }, @@ -648,9 +635,8 @@ ] }, { - "attribute_type": "flag", - "table_name": "ATTR_FLAG", - "attribute_name": "flag", + "attribute_value_type": "flag", + "attribute_name": "ATTR_FLAG", "attribute_value": { "numeric": 15 }, @@ -662,9 +648,8 @@ ] }, { - "attribute_type": "boolean", - "table_name": "ATTR_SSL_ECH", - "attribute_name": "esni", + "attribute_value_type": "boolean", + "attribute_name": "ATTR_SSL_ECH", "attribute_value": { "numeric": 1 }, @@ -679,6 +664,48 @@ } }, "success": true + }, + { + "__item_id": 9, + "code": 200, + "msg": "Success", + "data": { + "hit_policy_list": [ + { + "uuid": "00002020-0000-0000-0000-000000000000", + "policyName": "", + "is_execute_policy": true, + "top_object_list": [ + { + "object_uuid": "00008000-0000-0000-0000-000000000000", + "attribute_name": "ATTR_SOURCE_IP", + "negate_option": 0, + "condition_index": 0 + } + ] + } + ], + "verify_session": { + "attributes": [ + { + "attribute_value_type": "ip", + "attribute_name": "ATTR_SOURCE_IP", + "attribute_value": { + "ip": "192.168.2.1", + "port": "8080", + "addr_type": 4 + }, + "hit_paths": [ + { + "item_uuid": "00000000-0000-0000-0000-000000001013", + "superior_object_uuid": "00008000-0000-0000-0000-000000000000" + } + ] + } + ] + } + }, + "success": true } ] }
\ No newline at end of file diff --git a/test/resource/VerifyPolicyManipulation.json b/test/resource/VerifyPolicyManipulation.json index f201311..c131acc 100644 --- a/test/resource/VerifyPolicyManipulation.json +++ b/test/resource/VerifyPolicyManipulation.json @@ -1,6 +1,6 @@ { "rule_table": "PXY_CTRL_RULE", - "object2object_table": "OBJECT_GROUP", + "object_group_table": "OBJECT_GROUP", "rules": [ { "uuid": "00001021-0000-0000-0000-000000000000", @@ -473,6 +473,37 @@ ] } ] + }, + { + "uuid": "00002020-0000-0000-0000-000000000000", + "service": 1, + "action": "manipulate", + "blacklist_option": 1, + "log_option": "all", + "action_parameter": "anything", + "is_valid": "yes", + "and_conditions": [ + { + "attribute_name": "ATTR_SOURCE_IP", + "negate_option": false, + "objects": [ + { + "object_name": "IPv4TCPSoureVeiryPolicy03", + "uuid": "00008000-0000-0000-0000-000000000000", + "items": [ + { + "table_type": "ip", + "table_name": "TSG_OBJ_IP_ADDR", + "table_content": { + "ip": "192.168.2.1/32", + "port": "8080" + } + } + ] + } + ] + } + ] } ], "plugin_table": [ @@ -515,6 +546,14 @@ {"app_id":67,"object_uuid":"00000201-0000-0000-0000-000000000000","app_name":"http","is_valid":1}, {"app_id":68,"object_uuid":"00068000-0000-0000-0000-000000000000","app_name":"https","is_valid":1} ] + }, + { + "table_name": "ATTRIBUTE_DICT", + "table_content": [ + {"uuid":"4fff0ed4-f02b-17ee-3f74-b66310c5d1e2","is_valid":1,"attribute_name":"ATTR_SERVER_FQDN","available_object_type":"fqdn","object_table_name":"TSG_OBJ_FQDN"}, + {"uuid":"4fff0ed4-f02b-17ee-3f74-b66310c5d1e2","is_valid":1,"attribute_name":"ATTR_SSL_SAN","available_object_type":"fqdn","object_table_name":"TSG_OBJ_FQDN"}, + {"uuid":"ca317931-96f8-1979-ea7c-2bb791858df6","is_valid":1,"attribute_name":"ATTR_HTTP_REQ_HDR","available_object_type":"keyword","object_table_name":"tsg_obj_keyword"} + ] } ] } diff --git a/test/verify_policy_test.cpp b/test/verify_policy_test.cpp index d46c396..adc0d90 100644 --- a/test/verify_policy_test.cpp +++ b/test/verify_policy_test.cpp @@ -89,7 +89,7 @@ static char *select_hit_policy_request_item(int gtest_id) TEST(LibrarySearch, HitFqdnEntry) { - const char *hit_policy_request = "{\"ip\":null,\"fqdn\":\"www.126.com\",\"vsys_id\":1}"; + const char *hit_policy_request = "{\"ip\":null,\"fqdn\":\"www.126.com\",\"vsys\":1}"; const char *hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_uuids\":\"00000001-0000-0000-0000-000000000000\"}]},\"success\":true}"; cJSON *result_json = get_library_search_query(hit_policy_request, strlen(hit_policy_request)); @@ -104,7 +104,7 @@ TEST(LibrarySearch, HitFqdnEntry) cJSON_Delete(result_json); FREE(&hit_policy_list); - hit_policy_request = "{\"ip\":null,\"fqdn\":\"www.baidu.com\",\"vsys_id\":1}"; + hit_policy_request = "{\"ip\":null,\"fqdn\":\"www.baidu.com\",\"vsys\":1}"; hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_uuids\":\"00000002-0000-0000-0000-000000000000,00000003-0000-0000-0000-000000000000\"}]},\"success\":true}"; result_json = get_library_search_query(hit_policy_request, strlen(hit_policy_request)); @@ -119,7 +119,7 @@ TEST(LibrarySearch, HitFqdnEntry) cJSON_Delete(result_json); FREE(&hit_policy_list); - hit_policy_request = "{\"ip\":null,\"fqdn\":\"www.qq.com\",\"vsys_id\":1}"; + hit_policy_request = "{\"ip\":null,\"fqdn\":\"www.qq.com\",\"vsys\":1}"; hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_uuids\":\"00000004-0000-0000-0000-000000000000,00000005-0000-0000-0000-000000000000,00000006-0000-0000-0000-000000000000\"}]},\"success\":true}"; result_json = get_library_search_query(hit_policy_request, strlen(hit_policy_request)); @@ -137,7 +137,7 @@ TEST(LibrarySearch, HitFqdnEntry) TEST(LibrarySearch, HitIpEntry) { - const char *hit_policy_request = "{\"ip\":\"192.168.1.1\",\"fqdn\":null,\"vsys_id\":1}"; + const char *hit_policy_request = "{\"ip\":\"192.168.1.1\",\"fqdn\":null,\"vsys\":1}"; const char *hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_uuids\":\"00000011-0000-0000-0000-000000000000\"}]},\"success\":true}"; cJSON *result_json = get_library_search_query(hit_policy_request, strlen(hit_policy_request)); @@ -153,7 +153,7 @@ TEST(LibrarySearch, HitIpEntry) cJSON_Delete(result_json); FREE(&hit_policy_list); - hit_policy_request ="{\"ip\":\"192.168.1.2\",\"fqdn\":null,\"vsys_id\":1}"; + hit_policy_request ="{\"ip\":\"192.168.1.2\",\"fqdn\":null,\"vsys\":1}"; hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_uuids\":\"00000012-0000-0000-0000-000000000000,00000013-0000-0000-0000-000000000000\"}]},\"success\":true}"; result_json = get_library_search_query(hit_policy_request, strlen(hit_policy_request)); @@ -169,7 +169,7 @@ TEST(LibrarySearch, HitIpEntry) cJSON_Delete(result_json); FREE(&hit_policy_list); - hit_policy_request = "{\"ip\":\"192.168.1.3\",\"fqdn\":null,\"vsys_id\":1}"; + hit_policy_request = "{\"ip\":\"192.168.1.3\",\"fqdn\":null,\"vsys\":1}"; hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_uuids\":\"00000014-0000-0000-0000-000000000000,00000015-0000-0000-0000-000000000000,00000016-0000-0000-0000-000000000000\"}]},\"success\":true}"; result_json = get_library_search_query(hit_policy_request, strlen(hit_policy_request)); @@ -236,6 +236,57 @@ TEST(VerifyPolicy, CheckRegexExpression) FREE(&hit_policy_query); } +TEST(VerifyPolicy, HitIpAddrPolicy) +{ + char *hit_policy_request = select_hit_policy_request_item(9); + ASSERT_TRUE(hit_policy_request != NULL); + char *hit_policy_result = select_hit_policy_result_item(9); + ASSERT_TRUE(hit_policy_result != NULL); + + cJSON *result_json = get_verify_policy_query(hit_policy_request, strlen(hit_policy_request), 1); + ASSERT_TRUE(result_json != NULL); + + char *hit_policy_query = cJSON_PrintUnformatted(result_json); + ASSERT_TRUE(hit_policy_query != NULL); + + int equal = strncasecmp(hit_policy_query+2, hit_policy_result+16, strlen(hit_policy_result)); + EXPECT_EQ(equal, 0); + + cJSON_Delete(result_json); + FREE(&hit_policy_query); + FREE(&hit_policy_request); + FREE(&hit_policy_result); +} + +TEST(VerifyPolicy, HitNegateIpAddrPolicy) +{ + +} + +TEST(VerifyPolicy, HitIntegerPolicy) +{ + + +} + +TEST(VerifyPolicy, HitStringPolicy) +{ + + +} + +TEST(VerifyPolicy, HitObjectPolicy) +{ + + +} + +TEST(VerifyPolicy, HitGroupPolicy) +{ + + +} + TEST(VerifyPolicy, HitIpPolicy) { char *hit_policy_request = select_hit_policy_request_item(0); @@ -249,10 +300,10 @@ TEST(VerifyPolicy, HitIpPolicy) char *hit_policy_query = cJSON_PrintUnformatted(result_json); ASSERT_TRUE(hit_policy_query != NULL); - printf("hit_policy_query = %s\n", hit_policy_query); - printf("hit_policy_result = %s\n", hit_policy_result); + printf("hit_policy_query = %s\n", hit_policy_query+2); + printf("hit_policy_result = %s\n", hit_policy_result+16); - int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result)); + int equal = strncasecmp(hit_policy_query+2, hit_policy_result+16, strlen(hit_policy_result)); EXPECT_EQ(equal, 0); cJSON_Delete(result_json); @@ -274,10 +325,10 @@ TEST(VerifyPolicy, HitLibraryPolicy) char *hit_policy_query = cJSON_PrintUnformatted(result_json); ASSERT_TRUE(hit_policy_query != NULL); - printf("hit_policy_query = %s\n", hit_policy_query); - printf("hit_policy_result = %s\n", hit_policy_result); + //printf("hit_policy_query = %s\n", hit_policy_query); + //printf("hit_policy_result = %s\n", hit_policy_result); - int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result)); + int equal = strncasecmp(hit_policy_query+2, hit_policy_result+16, strlen(hit_policy_result)); EXPECT_EQ(equal, 0); cJSON_Delete(result_json); @@ -299,10 +350,10 @@ TEST(VerifyPolicy, HitMultiplePolicy) char *hit_policy_query = cJSON_PrintUnformatted(result_json); ASSERT_TRUE(hit_policy_query != NULL); - printf("hit_policy_query = %s\n", hit_policy_query); - printf("hit_policy_result = %s\n", hit_policy_result); + //printf("hit_policy_query = %s\n", hit_policy_query); + //printf("hit_policy_result = %s\n", hit_policy_result); - int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result)); + int equal = strncasecmp(hit_policy_query+2, hit_policy_result+16, strlen(hit_policy_result)); EXPECT_EQ(equal, 0); cJSON_Delete(result_json); @@ -324,7 +375,7 @@ TEST(VerifyPolicy, HitTunnelEndpointaPolicy_1025) char *hit_policy_query = cJSON_PrintUnformatted(result_json); ASSERT_TRUE(hit_policy_query != NULL); - int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result)); + int equal = strncasecmp(hit_policy_query+2, hit_policy_result+16, strlen(hit_policy_result)); EXPECT_EQ(equal, 0); cJSON_Delete(result_json); @@ -346,7 +397,7 @@ TEST(VerifyPolicy, HitTunnelEndpointaPolicy_1027) char *hit_policy_query = cJSON_PrintUnformatted(result_json); ASSERT_TRUE(hit_policy_query != NULL); - int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result)); + int equal = strncasecmp(hit_policy_query+2, hit_policy_result+16, strlen(hit_policy_result)); EXPECT_EQ(equal, 0); cJSON_Delete(result_json); @@ -369,7 +420,7 @@ TEST(VerifyPolicy, HitTunnelEndpointaPolicy) char *hit_policy_query = cJSON_PrintUnformatted(result_json); ASSERT_TRUE(hit_policy_query != NULL); - int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result)); + int equal = strncasecmp(hit_policy_query+2, hit_policy_result+16, strlen(hit_policy_result)); EXPECT_EQ(equal, 0); cJSON_Delete(result_json); @@ -391,7 +442,7 @@ TEST(VerifyPolicy, HitTunnelEndpointbPolicy) char *hit_policy_query = cJSON_PrintUnformatted(result_json); ASSERT_TRUE(hit_policy_query != NULL); - int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result)); + int equal = strncasecmp(hit_policy_query+2, hit_policy_result+16, strlen(hit_policy_result)); EXPECT_EQ(equal, 0); cJSON_Delete(result_json); @@ -413,7 +464,7 @@ TEST(VerifyPolicy, HitTunnelEndpointPolicy) char *hit_policy_query = cJSON_PrintUnformatted(result_json); ASSERT_TRUE(hit_policy_query != NULL); - int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result)); + int equal = strncasecmp(hit_policy_query+2, hit_policy_result+16, strlen(hit_policy_result)); EXPECT_EQ(equal, 0); cJSON_Delete(result_json); @@ -435,11 +486,11 @@ TEST(VerifyPolicy, HitAllObjectPolicy) char *hit_policy_query = cJSON_PrintUnformatted(result_json); ASSERT_TRUE(hit_policy_query != NULL); - printf("hit_policy_request = %s\n", hit_policy_request); - printf("hit_policy_query = %s\n", hit_policy_query); - printf("hit_policy_result = %s\n", hit_policy_result); + //printf("hit_policy_request = %s\n", hit_policy_request); + //printf("hit_policy_query = %s\n", hit_policy_query); + //printf("hit_policy_result = %s\n", hit_policy_result); - int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result)); + int equal = strncasecmp(hit_policy_query+2, hit_policy_result+16, strlen(hit_policy_result)); EXPECT_EQ(equal, 0); cJSON_Delete(result_json); |