diff options
| author | fumingwei <[email protected]> | 2021-12-21 11:14:54 +0800 |
|---|---|---|
| committer | fumingwei <[email protected]> | 2021-12-24 11:03:11 +0800 |
| commit | ef53d7eadb2db5237989242735c2ab0b3b77c794 (patch) | |
| tree | 462de180231b3137dbca8b0f442d88e791f34dce | |
| parent | 21357e0f966d8879ddfd9cd235332559ef65378a (diff) | |
feature:TSG-7962:修改case名字、增加检验策略url和host是否存在的casev22.01.1
12 files changed, 413 insertions, 180 deletions
diff --git a/images_build/client/dign_client/bin/client.py b/images_build/client/dign_client/bin/client.py index 031ad77..9ea1105 100644 --- a/images_build/client/dign_client/bin/client.py +++ b/images_build/client/dign_client/bin/client.py @@ -19,45 +19,49 @@ import sys import logging -suite_test_config_dict = {'test_securityPolicy_bypass': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_dnsRequest_deny_drop': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_dnsRequest_deny_redirect_a': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_dnsRequest_deny_redirect_aaaa': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_dnsRequest_deny_redirect_a_range_ttl': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_dnsRequest_deny_redirect_aaaa_range_ttl': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, +suite_test_config_dict = {'test_firewallBypass_ssl': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallDenyDrop_dns': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallDenyRedirectA_dns': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallDenyRedirectAAAA_dns': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallDenyRedirectARangeTTL_dns': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallDenyRedirectAAAARangeTTL_dns': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, 'test_dnsRequest_allow_rdtype_a': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, 'test_dnsRequest_allow_rdtype_aaaa': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, 'test_dnsRequest_allow_rdtype_cname': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_securityPolicy_intercept': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_securityPolicy_intercept_certerrExpired': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_securityPolicy_intercept_certerrSelf_signed': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_securityPolicy_intercept_certerrUntrusted_root': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_proxyPolicy_ssl_redirect': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_proxyPolicy_ssl_block': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_proxyPolicy_ssl_replace': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_proxyPolicy_ssl_hijack': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_proxyPolicy_ssl_insert': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_proxyPolicy_http_redirect': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_proxyPolicy_http_block': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_proxyPolicy_http_replace': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_proxyPolicy_http_hijack': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_proxyPolicy_http_insert': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_https_con_traffic_1k': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_https_con_traffic_4k': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_https_con_traffic_16k': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_https_con_traffic_64k': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_https_con_traffic_256k': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_https_con_traffic_1M': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_https_con_traffic_4M': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_https_con_traffic_16M': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_https_con_traffic_64M': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_http_firewall_allow': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_http_firewall_deny_drop': {'enabled':1,'conn_timeout':4,'max_recv_speed_large':6553600}, - 'test_http_firewall_deny_rst': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_http_firewall_deny_block': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_ssl_firewall_allow': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, - 'test_ssl_firewall_deny_drop': {'enabled':1,'conn_timeout':4,'max_recv_speed_large':6553600}, - 'test_ssl_firewall_deny_rst': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallIntercept_ssl': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallIntercept_sslCerterrExpired': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallIntercept_sslCerterrSelfsigned': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallIntercept_sslCerterrUntrustedroot': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_proxyRedirect_ssl': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_proxyBlock_ssl': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_proxyReplace_ssl': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_proxyHijack_ssl': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_proxyInsert_ssl': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_proxyRedirect_http': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_proxyBlock_http': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_proxyReplace_http': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_proxyHijack_http': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_proxyInsert_http': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallIntercept_sslDownloadSize1k': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallIntercept_sslDownloadSize4k': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallIntercept_sslDownloadSize16k': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallIntercept_sslDownloadSize64k': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallIntercept_sslDownloadSize256k': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallIntercept_sslDownloadSize1M': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallIntercept_sslDownloadSize4M': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallIntercept_sslDownloadSize16M': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallIntercept_sslDownloadSize64M': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallAllow_http': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallDenyDrop_http': {'enabled':1,'conn_timeout':4,'max_recv_speed_large':6553600}, + 'test_firewallDenyReset_http': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallDenyBlock_http': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallAllow_ssl': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallDenyDrop_ssl': {'enabled':1,'conn_timeout':4,'max_recv_speed_large':6553600}, + 'test_firewallDenyReset_ssl': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallDenyResetFilterHost_http': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_firewallDenyResetFilterURL_http': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_proxyDenyFilterHost_http': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, + 'test_proxyDenyFilterURL_http': {'enabled':1,'conn_timeout':1,'max_recv_speed_large':6553600}, 'start_time_random_delay_range': {'enabled':1,'left_edge':1,'right_edge':30}} @@ -134,6 +138,15 @@ URLSslFirewallAllow = "https://sha512.badssl.selftest.gdnt-cloud.websit URLSslFirewallDenyDrop = "https://rsa2048.badssl.selftest.gdnt-cloud.website" URLSslFirewallDenyRst = "https://rsa4096.badssl.selftest.gdnt-cloud.website" +URLHttpFirewallDenyRstFilterHost = 'http://testing-firewall-filter-host.badssl.selftest.gdnt-cloud.website' +URLHttpFirewallDenyRstFilterURL = 'http://testing-firewall-filter-url.badssl.selftest.gdnt-cloud.website' +URLHttpProxyDenyFilterHost = 'http://testing-proxy-filter-host.badssl.selftest.gdnt-cloud.website' +URLHttpProxyDenyFilterURL = 'http://testing-proxy-filter-url.badssl.selftest.gdnt-cloud.website' + +http_firewall_deny_rst_filter_host_re = "testing firewall deny reset filter host ok" +http_firewall_deny_rst_filter_url_re = "testing firewall deny reset filter url ok" +http_proxy_deny_filter_host_re = "testing proxy deny filter host ok" +http_proxy_deny_filter_url_re = "testing proxy deny filter url ok" HOST_DNS_ALLOW_A = "dnstest.allow-a-ipv4.selftest.gdnt-cloud.website" HOST_DNS_DENY_REDIRECT_A = "dnstest.deny-redirect-a-ipv4.selftest.gdnt-cloud.website" @@ -205,7 +218,7 @@ class DignTextTestResult(unittest.result.TestResult): if self.descriptions and doc_first_line: return '\n'.join((str(test), doc_first_line)) else: - return str(test) + return str(test).split(' ', 1 )[0] def startTest(self, test): super(DignTextTestResult, self).startTest(test) @@ -922,29 +935,76 @@ class SslFirewallActionBuild: raise Exception("Error: The stream may be not rst %s" % errorinfo) -class SslUnitTest(unittest.TestCase): +class FilterTestingBuild: + def __init__(self): + self.conn = pycurl.Curl() + self.conn.setopt(self.conn.WRITEFUNCTION, BytesIO().write) + + def _set_conn_opt(self,test_suite_name, url): + self.conn.setopt(self.conn.MAX_RECV_SPEED_LARGE, int(suite_test_config_dict[test_suite_name]['max_recv_speed_large'])) + self.conn.setopt(self.conn.URL,url) + self.conn.setopt(self.conn.TIMEOUT, int(suite_test_config_dict[test_suite_name]['conn_timeout'])) + + def _firewall_deny_reset(self,test_suite_name, url, raise_re): + self._set_conn_opt(test_suite_name,url) + try: + self.conn.perform() + self.conn.close() + except pycurl.error as errorinfo: + errcode = errorinfo.args[0] + if(errcode == 56): + raise Exception(raise_re) + else: + raise Exception("Error: The stream may be not rst %s" % errorinfo) + + def _proxy_deny(self,test_suite_name,url,replaceStr,raise_re): + bodyBuf = BytesIO() + self._set_conn_opt(test_suite_name,url) + self.conn.setopt(self.conn.WRITEDATA, bodyBuf) + self.conn.perform() + rescode = self.conn.getinfo(self.conn.RESPONSE_CODE) + body = bodyBuf.getvalue().decode('utf-8') + self.conn.close() + if re.search(replaceStr, body, 0) and (rescode == 404 or rescode == 451): + raise Exception(raise_re) + else: + raise Exception("Error:Http connection block fail, RESPONSE_CODE = %d" % rescode) + + def firewall_http_deny_reset_filter_host(self,test_suite_name): + self._firewall_deny_reset(test_suite_name,URLHttpFirewallDenyRstFilterHost,http_firewall_deny_rst_filter_host_re) - def test_dnsRequest_deny_drop(self): + def firewall_http_deny_reset_filter_url(self,test_suite_name): + self._firewall_deny_reset(test_suite_name,URLHttpFirewallDenyRstFilterURL,http_firewall_deny_rst_filter_url_re) + + def proxy_http_deny_filter_host(self,test_suite_name): + self._proxy_deny(test_suite_name,URLHttpProxyDenyFilterHost, "testing-proxy-filter-host",http_proxy_deny_filter_host_re) + + def proxy_http_deny_filter_url(self,test_suite_name): + self._proxy_deny(test_suite_name,URLHttpProxyDenyFilterURL,"testing-proxy-filter-url",http_proxy_deny_filter_url_re) + +class TSGDiagnoseTest(unittest.TestCase): + + def test_firewallDenyDrop_dns(self): dnsHandler = DNSCheckRequestBuild() with self.assertRaisesRegex(Exception, DnsRequestFirewallDenyDrop): dnsHandler.dns_action_deny_subaction_drop() - def test_dnsRequest_deny_redirect_a(self): + def test_firewallDenyRedirectA_dns(self): dnsHandler = DNSCheckRequestBuild() with self.assertRaisesRegex(Exception, DnsARequestFireWallDenyRedirect): dnsHandler.dns_action_deny_subaction_redirect_a() - def test_dnsRequest_deny_redirect_aaaa(self): + def test_firewallDenyRedirectAAAA_dns(self): dnsHandler = DNSCheckRequestBuild() with self.assertRaisesRegex(Exception, DnsAAAARequestFireWallDenyRedirect): dnsHandler.dns_action_deny_subaction_redirect_aaaa() - def test_dnsRequest_deny_redirect_a_range_ttl(self): + def test_firewallDenyRedirectARangeTTL_dns(self): dnsHandler = DNSCheckRequestBuild() with self.assertRaisesRegex(Exception, DnsARequestFireWallDenyRedirectRangTTL): dnsHandler.dns_action_deny_subaction_redirect_a_rang_ttl() - def test_dnsRequest_deny_redirect_aaaa_range_ttl(self): + def test_firewallDenyRedirectAAAARangeTTL_dns(self): dnsHandler = DNSCheckRequestBuild() with self.assertRaisesRegex(Exception, DnsAAAARequestFireWallDenyRedirectRangTTL): dnsHandler.dns_action_deny_subaction_redirect_aaaa_rang_ttl() @@ -964,161 +1024,181 @@ class SslUnitTest(unittest.TestCase): with self.assertRaisesRegex(Exception, DnsCNAMERequestFirewallAllow): dnsHandler.dns_action_allow_rdtype_cname() - def test_securityPolicy_bypass(self): + def test_firewallBypass_ssl(self): sslHandler = SSLCheckRequestBuild() with self.assertRaisesRegex(Exception, ssl_bypass_info_re): - sslHandler.ssl_bypass('test_securityPolicy_bypass') + sslHandler.ssl_bypass('test_firewallBypass_ssl') - def test_securityPolicy_intercept(self): + def test_firewallIntercept_ssl(self): sslHandler = SSLCheckRequestBuild() with self.assertRaisesRegex(Exception, ssl_intercept_info_re): - sslHandler.ssl_intercept('test_securityPolicy_intercept') + sslHandler.ssl_intercept('test_firewallIntercept_ssl') - def test_securityPolicy_intercept_certerrExpired(self): + def test_firewallIntercept_sslCerterrExpired(self): requestHandler = SslInterceptRequestBuild() with self.assertRaisesRegex(Exception, https_exprired_info_re): - requestHandler.ssl_intercept_certerrExpired('test_securityPolicy_intercept_certerrExpired') + requestHandler.ssl_intercept_certerrExpired('test_firewallIntercept_sslCerterrExpired') - def test_securityPolicy_intercept_certerrSelf_signed(self): + def test_firewallIntercept_sslCerterrSelfsigned(self): requestHandler = SslInterceptRequestBuild() with self.assertRaisesRegex(Exception, https_self_signed_info_re): - requestHandler.ssl_intercept_certerrSelf_signed('test_securityPolicy_intercept_certerrSelf_signed') + requestHandler.ssl_intercept_certerrSelf_signed('test_firewallIntercept_sslCerterrSelfsigned') - def test_securityPolicy_intercept_certerrUntrusted_root(self): + def test_firewallIntercept_sslCerterrUntrustedroot(self): requestHandler = SslInterceptRequestBuild() with self.assertRaisesRegex(Exception, https_untrusted_root_info_re): - requestHandler.ssl_intercept_certerrUntrusted_root('test_securityPolicy_intercept_certerrUntrusted_root') + requestHandler.ssl_intercept_certerrUntrusted_root('test_firewallIntercept_sslCerterrUntrustedroot') - def test_proxyPolicy_ssl_redirect(self): + def test_proxyRedirect_ssl(self): proxyHandler = ProxyRequestBuild() with self.assertRaisesRegex(Exception, ssl_redirect_info_re): - proxyHandler.proxy_redirect('test_proxyPolicy_ssl_redirect',URLSslRedirect,True) + proxyHandler.proxy_redirect('test_proxyRedirect_ssl',URLSslRedirect,True) - def test_proxyPolicy_ssl_block(self): + def test_proxyBlock_ssl(self): proxyHandler = ProxyRequestBuild() with self.assertRaisesRegex(Exception, ssl_block_info_re): - proxyHandler.proxy_block('test_proxyPolicy_ssl_block', URLSslBlock,True) + proxyHandler.proxy_block('test_proxyBlock_ssl', URLSslBlock,True) - def test_proxyPolicy_ssl_replace(self): + def test_proxyReplace_ssl(self): proxyHandler = ProxyRequestBuild() with self.assertRaisesRegex(Exception, ssl_replace_info_re): - proxyHandler.proxy_replace('test_proxyPolicy_ssl_replace',URLSslReplace, True) + proxyHandler.proxy_replace('test_proxyReplace_ssl',URLSslReplace, True) - def test_proxyPolicy_ssl_hijack(self): + def test_proxyHijack_ssl(self): proxyHandler = ProxyRequestBuild() with self.assertRaisesRegex(Exception, ssl_hijack_info_re): - proxyHandler.proxy_hijack('test_proxyPolicy_ssl_hijack', URLSslHijack,True) + proxyHandler.proxy_hijack('test_proxyHijack_ssl', URLSslHijack,True) - def test_proxyPolicy_ssl_insert(self): + def test_proxyInsert_ssl(self): proxyHandler = ProxyRequestBuild() with self.assertRaisesRegex(Exception, ssl_insert_info_re): - proxyHandler.proxy_insert('test_proxyPolicy_ssl_insert',URLSslInsert,True) + proxyHandler.proxy_insert('test_proxyInsert_ssl',URLSslInsert,True) - def test_proxyPolicy_http_redirect(self): + def test_proxyRedirect_http(self): proxyHandler = ProxyRequestBuild() with self.assertRaisesRegex(Exception, http_redirect_info_re): - proxyHandler.proxy_redirect('test_proxyPolicy_http_redirect',URLHttpRedirect, False) + proxyHandler.proxy_redirect('test_proxyRedirect_http',URLHttpRedirect, False) - def test_proxyPolicy_http_block(self): + def test_proxyBlock_http(self): proxyHandler = ProxyRequestBuild() with self.assertRaisesRegex(Exception, http_block_info_re): - proxyHandler.proxy_block('test_proxyPolicy_http_block', URLHttpBlock,False) + proxyHandler.proxy_block('test_proxyBlock_http', URLHttpBlock,False) - def test_proxyPolicy_http_replace(self): + def test_proxyReplace_http(self): proxyHandler = ProxyRequestBuild() with self.assertRaisesRegex(Exception, http_replace_info_re): - proxyHandler.proxy_replace('test_proxyPolicy_http_replace',URLHttpReplace, False) + proxyHandler.proxy_replace('test_proxyReplace_http',URLHttpReplace, False) - def test_proxyPolicy_http_hijack(self): + def test_proxyHijack_http(self): proxyHandler = ProxyRequestBuild() with self.assertRaisesRegex(Exception, http_hijack_info_re): - proxyHandler.proxy_hijack('test_proxyPolicy_http_hijack', URLHttpHijack,False) + proxyHandler.proxy_hijack('test_proxyHijack_http', URLHttpHijack,False) - def test_proxyPolicy_http_insert(self): + def test_proxyInsert_http(self): proxyHandler = ProxyRequestBuild() with self.assertRaisesRegex(Exception, http_insert_info_re): - proxyHandler.proxy_insert('test_proxyPolicy_http_insert',URLHttpInsert,False) + proxyHandler.proxy_insert('test_proxyInsert_http',URLHttpInsert,False) - def test_https_con_traffic_1k(self): + def test_firewallIntercept_sslDownloadSize1k(self): requestHandler = SSLFileDownloadBuild() with self.assertRaisesRegex(Exception,https_conn_taffic_1k_re): - requestHandler.conn_traffic( 'test_https_con_traffic_1k', URLConTraffic_1k, https_conn_taffic_1k_re,'1k', 1024) + requestHandler.conn_traffic( 'test_firewallIntercept_sslDownloadSize1k', URLConTraffic_1k, https_conn_taffic_1k_re,'1k', 1024) - def test_https_con_traffic_4k(self): + def test_firewallIntercept_sslDownloadSize4k(self): requestHandler = SSLFileDownloadBuild() with self.assertRaisesRegex(Exception,https_conn_taffic_4k_re): - requestHandler.conn_traffic( 'test_https_con_traffic_4k',URLConTraffic_4k, https_conn_taffic_4k_re, '4k', 4*1024) + requestHandler.conn_traffic( 'test_firewallIntercept_sslDownloadSize4k',URLConTraffic_4k, https_conn_taffic_4k_re, '4k', 4*1024) - def test_https_con_traffic_16k(self): + def test_firewallIntercept_sslDownloadSize16k(self): requestHandler = SSLFileDownloadBuild() with self.assertRaisesRegex(Exception,https_conn_taffic_16k_re): - requestHandler.conn_traffic( 'test_https_con_traffic_16k', URLConTraffic_16k, https_conn_taffic_16k_re,'16k', 16*1024) + requestHandler.conn_traffic( 'test_firewallIntercept_sslDownloadSize16k', URLConTraffic_16k, https_conn_taffic_16k_re,'16k', 16*1024) - def test_https_con_traffic_64k(self): + def test_firewallIntercept_sslDownloadSize64k(self): requestHandler = SSLFileDownloadBuild() with self.assertRaisesRegex(Exception,https_conn_taffic_64k_re): - requestHandler.conn_traffic( 'test_https_con_traffic_64k',URLConTraffic_64k, https_conn_taffic_64k_re, '64k', 64*1024) + requestHandler.conn_traffic( 'test_firewallIntercept_sslDownloadSize64k',URLConTraffic_64k, https_conn_taffic_64k_re, '64k', 64*1024) - def test_https_con_traffic_256k(self): + def test_firewallIntercept_sslDownloadSize256k(self): requestHandler = SSLFileDownloadBuild() with self.assertRaisesRegex(Exception,https_conn_taffic_256k_re): - requestHandler.conn_traffic( 'test_https_con_traffic_256k', URLConTraffic_256k,https_conn_taffic_256k_re,'256k', 256*1024) + requestHandler.conn_traffic( 'test_firewallIntercept_sslDownloadSize256k', URLConTraffic_256k,https_conn_taffic_256k_re,'256k', 256*1024) - def test_https_con_traffic_1M(self): + def test_firewallIntercept_sslDownloadSize1M(self): requestHandler = SSLFileDownloadBuild() with self.assertRaisesRegex(Exception,https_conn_taffic_1M_re): - requestHandler.conn_traffic( 'test_https_con_traffic_1M', URLConTraffic_1M, https_conn_taffic_1M_re, '1M', 1024 * 1024) + requestHandler.conn_traffic( 'test_firewallIntercept_sslDownloadSize1M', URLConTraffic_1M, https_conn_taffic_1M_re, '1M', 1024 * 1024) - def test_https_con_traffic_4M(self): + def test_firewallIntercept_sslDownloadSize4M(self): requestHandler = SSLFileDownloadBuild() with self.assertRaisesRegex(Exception,https_conn_taffic_4M_re): - requestHandler.conn_traffic( 'test_https_con_traffic_4M', URLConTraffic_4M, https_conn_taffic_4M_re,'4M', 4*1024*1024) + requestHandler.conn_traffic( 'test_firewallIntercept_sslDownloadSize4M', URLConTraffic_4M, https_conn_taffic_4M_re,'4M', 4*1024*1024) - def test_https_con_traffic_16M(self): + def test_firewallIntercept_sslDownloadSize16M(self): requestHandler = SSLFileDownloadBuild() with self.assertRaisesRegex(Exception,https_conn_taffic_16M_re): - requestHandler.conn_traffic( 'test_https_con_traffic_16M', URLConTraffic_16M,https_conn_taffic_16M_re,'16M',16*1024*1024) + requestHandler.conn_traffic( 'test_firewallIntercept_sslDownloadSize16M', URLConTraffic_16M,https_conn_taffic_16M_re,'16M',16*1024*1024) - def test_https_con_traffic_64M(self): + def test_firewallIntercept_sslDownloadSize64M(self): requestHandler = SSLFileDownloadBuild() with self.assertRaisesRegex(Exception,https_conn_taffic_64M_re): - requestHandler.conn_traffic( 'test_https_con_traffic_64M',URLConTraffic_64M,https_conn_taffic_64M_re, '64M', 64*1024*1024) + requestHandler.conn_traffic( 'test_firewallIntercept_sslDownloadSize64M',URLConTraffic_64M,https_conn_taffic_64M_re, '64M', 64*1024*1024) - def test_http_firewall_allow(self): + def test_firewallAllow_http(self): requestHandler = HttpFirewallActionBuild() with self.assertRaisesRegex(Exception, http_firewall_allow_re): - requestHandler.action_allow('test_http_firewall_allow') + requestHandler.action_allow('test_firewallAllow_http') - def test_http_firewall_deny_drop(self): + def test_firewallDenyDrop_http(self): requestHandler = HttpFirewallActionBuild() with self.assertRaisesRegex(Exception, http_firewall_deny_drop_re): - requestHandler.action_deny_subaction_drop('test_http_firewall_deny_drop') + requestHandler.action_deny_subaction_drop('test_firewallDenyDrop_http') - def test_http_firewall_deny_rst(self): + def test_firewallDenyReset_http(self): requestHandler = HttpFirewallActionBuild() with self.assertRaisesRegex(Exception, http_firewall_deny_rst_re): - requestHandler.action_deny_subaction_rst('test_http_firewall_deny_rst') + requestHandler.action_deny_subaction_rst('test_firewallDenyReset_http') - def test_http_firewall_deny_block(self): + def test_firewallDenyBlock_http(self): requestHandler = HttpFirewallActionBuild() with self.assertRaisesRegex(Exception, http_firewall_deny_block_re): - requestHandler.action_deny_subaction_block('test_http_firewall_deny_block') + requestHandler.action_deny_subaction_block('test_firewallDenyBlock_http') - def test_ssl_firewall_allow(self): + def test_firewallAllow_ssl(self): requestHandler = SslFirewallActionBuild() with self.assertRaisesRegex(Exception, ssl_firewall_allow_re): - requestHandler.action_allow('test_ssl_firewall_allow') + requestHandler.action_allow('test_firewallAllow_ssl') - def test_ssl_firewall_deny_drop(self): + def test_firewallDenyDrop_ssl(self): requestHandler = SslFirewallActionBuild() with self.assertRaisesRegex(Exception, ssl_firewall_deny_drop_re): - requestHandler.action_deny_subaction_drop('test_ssl_firewall_deny_drop') + requestHandler.action_deny_subaction_drop('test_firewallDenyDrop_ssl') - def test_ssl_firewall_deny_rst(self): + def test_firewallDenyReset_ssl(self): requestHandler = SslFirewallActionBuild() with self.assertRaisesRegex(Exception, ssl_firewall_deny_rst_re): - requestHandler.action_deny_subaction_rst('test_ssl_firewall_deny_rst') + requestHandler.action_deny_subaction_rst('test_firewallDenyReset_ssl') + + def test_firewallDenyResetFilterHost_http(self): + requestHandler = FilterTestingBuild() + with self.assertRaisesRegex(Exception, http_firewall_deny_rst_filter_host_re): + requestHandler.firewall_http_deny_reset_filter_host('test_firewallDenyResetFilterHost_http') + + def test_firewallDenyResetFilterURL_http(self): + requestHandler = FilterTestingBuild() + with self.assertRaisesRegex(Exception, http_firewall_deny_rst_filter_url_re): + requestHandler.firewall_http_deny_reset_filter_url('test_firewallDenyResetFilterURL_http') + + def test_proxyDenyFilterHost_http(self): + requestHandler = FilterTestingBuild() + with self.assertRaisesRegex(Exception, http_proxy_deny_filter_host_re): + requestHandler.proxy_http_deny_filter_host('test_proxyDenyFilterHost_http') + + def test_proxyDenyFilterURL_http(self): + requestHandler = FilterTestingBuild() + with self.assertRaisesRegex(Exception, http_proxy_deny_filter_url_re): + requestHandler.proxy_http_deny_filter_url('test_proxyDenyFilterURL_http') class TsgDiagnose: def __init__(self): @@ -1166,50 +1246,54 @@ class TsgDiagnose: def _add_suite(self,test_suite_name): if int(self.config_dict[test_suite_name]['enabled']) == 1: - self.suite.addTest(SslUnitTest(test_suite_name)) + self.suite.addTest(TSGDiagnoseTest(test_suite_name)) def _add_dign_case(self): self.suite = unittest.TestSuite() self.suite._cleanup = False - self._add_suite('test_securityPolicy_bypass') - self._add_suite('test_securityPolicy_intercept') - self._add_suite('test_securityPolicy_intercept_certerrExpired') - self._add_suite('test_securityPolicy_intercept_certerrSelf_signed') - self._add_suite('test_securityPolicy_intercept_certerrUntrusted_root') - self._add_suite('test_proxyPolicy_ssl_redirect') - self._add_suite('test_proxyPolicy_ssl_block') - self._add_suite('test_proxyPolicy_ssl_replace') - self._add_suite('test_proxyPolicy_ssl_hijack') - self._add_suite('test_proxyPolicy_ssl_insert') - self._add_suite('test_proxyPolicy_http_redirect') - self._add_suite('test_proxyPolicy_http_block') - self._add_suite('test_proxyPolicy_http_replace') - self._add_suite('test_proxyPolicy_http_hijack') - self._add_suite('test_proxyPolicy_http_insert') - self._add_suite('test_https_con_traffic_1k') - self._add_suite('test_https_con_traffic_4k') - self._add_suite('test_https_con_traffic_16k') - self._add_suite('test_https_con_traffic_64k') - self._add_suite('test_https_con_traffic_256k') - self._add_suite('test_https_con_traffic_1M') - self._add_suite('test_https_con_traffic_4M') - self._add_suite('test_https_con_traffic_16M') - self._add_suite('test_https_con_traffic_64M') - self._add_suite('test_http_firewall_allow') - self._add_suite('test_http_firewall_deny_drop') - self._add_suite('test_http_firewall_deny_rst') - self._add_suite('test_http_firewall_deny_block') - self._add_suite('test_ssl_firewall_allow') - self._add_suite('test_ssl_firewall_deny_drop') - self._add_suite('test_ssl_firewall_deny_rst') - self._add_suite('test_dnsRequest_deny_drop') - self._add_suite('test_dnsRequest_deny_redirect_a') - self._add_suite('test_dnsRequest_deny_redirect_aaaa') - self._add_suite('test_dnsRequest_deny_redirect_a_range_ttl') - self._add_suite('test_dnsRequest_deny_redirect_aaaa_range_ttl') + self._add_suite('test_firewallBypass_ssl') + self._add_suite('test_firewallIntercept_ssl') + self._add_suite('test_firewallIntercept_sslCerterrExpired') + self._add_suite('test_firewallIntercept_sslCerterrSelfsigned') + self._add_suite('test_firewallIntercept_sslCerterrUntrustedroot') + self._add_suite('test_proxyRedirect_ssl') + self._add_suite('test_proxyBlock_ssl') + self._add_suite('test_proxyReplace_ssl') + self._add_suite('test_proxyHijack_ssl') + self._add_suite('test_proxyInsert_ssl') + self._add_suite('test_proxyRedirect_http') + self._add_suite('test_proxyBlock_http') + self._add_suite('test_proxyReplace_http') + self._add_suite('test_proxyHijack_http') + self._add_suite('test_proxyInsert_http') + self._add_suite('test_firewallAllow_http') + self._add_suite('test_firewallDenyDrop_http') + self._add_suite('test_firewallDenyReset_http') + self._add_suite('test_firewallDenyBlock_http') + self._add_suite('test_firewallAllow_ssl') + self._add_suite('test_firewallDenyDrop_ssl') + self._add_suite('test_firewallDenyReset_ssl') + self._add_suite('test_firewallDenyDrop_dns') + self._add_suite('test_firewallDenyRedirectA_dns') + self._add_suite('test_firewallDenyRedirectAAAA_dns') + self._add_suite('test_firewallDenyRedirectARangeTTL_dns') + self._add_suite('test_firewallDenyRedirectAAAARangeTTL_dns') + self._add_suite('test_firewallIntercept_sslDownloadSize1k') + self._add_suite('test_firewallIntercept_sslDownloadSize4k') + self._add_suite('test_firewallIntercept_sslDownloadSize16k') + self._add_suite('test_firewallIntercept_sslDownloadSize64k') + self._add_suite('test_firewallIntercept_sslDownloadSize256k') + self._add_suite('test_firewallIntercept_sslDownloadSize1M') + self._add_suite('test_firewallIntercept_sslDownloadSize4M') + self._add_suite('test_firewallIntercept_sslDownloadSize16M') + self._add_suite('test_firewallIntercept_sslDownloadSize64M') + self._add_suite('test_firewallDenyResetFilterHost_http') + self._add_suite('test_firewallDenyResetFilterURL_http') + self._add_suite('test_proxyDenyFilterHost_http') + self._add_suite('test_proxyDenyFilterURL_http') def _dign_running(self): - print(format(("Test start time: " + time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())),'#^120s')) + print(format(("Test start time: " + time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())),'#^70s')) runningLogPath = "/opt/dign_client/log/tsg-diagnose.log" + '.' + time.strftime("%Y-%m-%d", time.localtime()) #runningLogger = get_logger("running",runningLogPath, False) #runningLogger.debug("Diagnose Start,the It will take up to %d seconds" %(self.dign_duration)) @@ -1224,7 +1308,7 @@ class TsgDiagnose: f.write(time.strftime("%a %b %d %H:%M:%S %Y", time.localtime()) + "Diagnose end, Testing results:" + "\n" + result_stream.getvalue()) f.close() #runningLogger.debug("Diagnose end, Testing results:" + "\n" + result_stream.getvalue()) - print(format(("Test end time: " + time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())),'=^120s')) + print(format(("Test end time: " + time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())),'=^70s')) def dign_exec(self): self._get_dign_option() diff --git a/images_build/client/dign_client/etc/client.conf b/images_build/client/dign_client/etc/client.conf index 4abbe5c..a1e68bf 100644 --- a/images_build/client/dign_client/etc/client.conf +++ b/images_build/client/dign_client/etc/client.conf @@ -1,4 +1,4 @@ -[test_securityPolicy_bypass] +[test_firewallBypass_ssl] # enabled = 1 run this case enabled = 1 #Connection TIMEOUT, in seconds @@ -6,27 +6,27 @@ conn_timeout = 1 #max_recv_speed_large byte/s max_recv_speed_large = 6553600 -[test_dnsRequest_deny_drop] +[test_firewallDenyDrop_dns] enabled = 1 conn_timeout = 3 max_recv_speed_large = 6553600 -[test_dnsRequest_deny_redirect_a] +[test_firewallDenyRedirectA_dns] enabled = 1 conn_timeout = 3 max_recv_speed_large = 6553600 -[test_dnsRequest_deny_redirect_aaaa] +[test_firewallDenyRedirectAAAA_dns] enabled = 1 conn_timeout = 3 max_recv_speed_large = 6553600 -[test_dnsRequest_deny_redirect_a_range_ttl] +[test_firewallDenyRedirectARangeTTL_dns] enabled = 1 conn_timeout = 3 max_recv_speed_large = 6553600 -[test_dnsRequest_deny_redirect_aaaa_range_ttl] +[test_firewallDenyRedirectAAAARangeTTL_dns] enabled = 1 conn_timeout = 3 max_recv_speed_large = 6553600 @@ -47,152 +47,172 @@ max_recv_speed_large = 6553600 #conn_timeout = 3 #max_recv_speed_large = 6553600 -[test_securityPolicy_intercept] +[test_firewallIntercept_ssl] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_securityPolicy_intercept_certerrExpired] +[test_firewallIntercept_sslCerterrExpired] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_securityPolicy_intercept_certerrSelf_signed] +[test_firewallIntercept_sslCerterrSelfsigned] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_securityPolicy_intercept_certerrUntrusted_root] +[test_firewallIntercept_sslCerterrUntrustedroot] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_proxyPolicy_ssl_redirect] +[test_proxyRedirect_ssl] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_proxyPolicy_ssl_block] +[test_proxyBlock_ssl] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_proxyPolicy_ssl_replace] +[test_proxyReplace_ssl] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_proxyPolicy_ssl_hijack] +[test_proxyHijack_ssl] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_proxyPolicy_ssl_insert] +[test_proxyInsert_ssl] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_proxyPolicy_http_redirect] +[test_proxyRedirect_http] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_proxyPolicy_http_block] +[test_proxyBlock_http] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_proxyPolicy_http_replace] +[test_proxyReplace_http] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_proxyPolicy_http_hijack] +[test_proxyHijack_http] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_proxyPolicy_http_insert] +[test_proxyInsert_http] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_https_con_traffic_1k] +[test_firewallIntercept_sslDownloadSize1k] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_https_con_traffic_4k] +[test_firewallIntercept_sslDownloadSize4k] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_https_con_traffic_16k] +[test_firewallIntercept_sslDownloadSize16k] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_https_con_traffic_64k] +[test_firewallIntercept_sslDownloadSize64k] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_https_con_traffic_256k] +[test_firewallIntercept_sslDownloadSize256k] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_https_con_traffic_1M] +[test_firewallIntercept_sslDownloadSize1M] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_https_con_traffic_4M] +[test_firewallIntercept_sslDownloadSize4M] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_https_con_traffic_16M] +[test_firewallIntercept_sslDownloadSize16M] enabled = 1 conn_timeout = 4 max_recv_speed_large = 6553600 -[test_https_con_traffic_64M] +[test_firewallIntercept_sslDownloadSize64M] enabled = 1 conn_timeout = 12 max_recv_speed_large = 6553600 -[test_http_firewall_allow] +[test_firewallAllow_http] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_http_firewall_deny_drop] +[test_firewallDenyDrop_http] enabled = 1 conn_timeout = 4 max_recv_speed_large = 6553600 -[test_http_firewall_deny_rst] +[test_firewallDenyReset_http] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_http_firewall_deny_block] +[test_firewallDenyBlock_http] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_ssl_firewall_allow] +[test_firewallAllow_ssl] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 -[test_ssl_firewall_deny_drop] +[test_firewallDenyDrop_ssl] enabled = 1 conn_timeout = 4 max_recv_speed_large = 6553600 -[test_ssl_firewall_deny_rst] +[test_firewallDenyReset_ssl] +enabled = 1 +conn_timeout = 1 +max_recv_speed_large = 6553600 + +[test_firewallDenyResetFilterHost_http] +enabled = 1 +conn_timeout = 1 +max_recv_speed_large = 6553600 + +[test_firewallDenyResetFilterURL_http] +enabled = 1 +conn_timeout = 1 +max_recv_speed_large = 6553600 + +[test_proxyDenyFilterHost_http] +enabled = 1 +conn_timeout = 1 +max_recv_speed_large = 6553600 + +[test_proxyDenyFilterURL_http] enabled = 1 conn_timeout = 1 max_recv_speed_large = 6553600 diff --git a/images_build/client/dign_client/etc/hosts b/images_build/client/dign_client/etc/hosts index cd92f1e..5d7dfac 100644 --- a/images_build/client/dign_client/etc/hosts +++ b/images_build/client/dign_client/etc/hosts @@ -88,3 +88,7 @@ #### end of badssl.selftest.gdnt-cloud.website hosts #### 192.0.2.130 web-replay.badssl.selftest.gdnt-cloud.website 192.0.2.130 testing-download.badssl.selftest.gdnt-cloud.website +192.0.2.130 testing-firewall-filter-url.badssl.selftest.gdnt-cloud.website +192.0.2.130 testing-firewall-filter-host.badssl.selftest.gdnt-cloud.website +192.0.2.130 testing-proxy-filter-url.badssl.selftest.gdnt-cloud.website +192.0.2.130 testing-proxy-filter-host.badssl.selftest.gdnt-cloud.website diff --git a/images_build/server_web/domains/misc/badssl.com/index.html b/images_build/server_web/domains/misc/badssl.com/index.html index 72ecfd9..14db312 100644 --- a/images_build/server_web/domains/misc/badssl.com/index.html +++ b/images_build/server_web/domains/misc/badssl.com/index.html @@ -194,6 +194,13 @@ <a href="http://testing-download.{{ site.domain }}/download/" target="_blank" class="bullet-list"><span class="icon"></span>HTTP Testing download</a> <a href="https://testing-download.{{ site.domain }}/download/" target="_blank" class="bullet-list"><span class="icon"></span>HTTPS Testing download</a> </div> + <div class="group"> + <h2 id="testing-expand"><span class="emoji">🌊</span>Testing expand</h2> + <a href="https://testing-firewall-filter-url.{{ site.domain }}/" target="_blank" class="good"><span class="icon"></span>Testing firewall filter url</a> + <a href="https://testing-firewall-filter-host.{{ site.domain }}/" target="_blank" class="good"><span class="icon"></span>Testing firewall filter host</a> + <a href="https://testing-proxy-filter-url.{{ site.domain }}/" target="_blank" class="good"><span class="icon"></span>Testing proxy filter url</a> + <a href="https://testing-proxy-filter-host.{{ site.domain }}/" target="_blank" class="good"><span class="icon"></span>Testing proxy filter host</a> + </div> <div id="preload" style="width: 0; height: 0;"> <!-- <link rel=preload> results in warnings in Chrome: https://crbug.com/661055 --> <!-- Workaround: Load the images in bogus elements. --> diff --git a/images_build/server_web/domains/testing-expand/firewall-filter-host.conf b/images_build/server_web/domains/testing-expand/firewall-filter-host.conf new file mode 100644 index 0000000..0c30792 --- /dev/null +++ b/images_build/server_web/domains/testing-expand/firewall-filter-host.conf @@ -0,0 +1,16 @@ +--- +--- +server { + listen 80; + server_name testing-firewall-filter-host.{{ site.domain }}; + include {{ site.serving-path }}/common/common.conf; + root {{ site.serving-path }}/domains/testing-expand/firewall-filter-host; +} + +server { + listen 443; + server_name testing-firewall-filter-host.{{ site.domain }}; + include {{ site.serving-path }}/nginx-includes/wildcard-normal.conf; + include {{ site.serving-path }}/nginx-includes/tls-defaults.conf; + root {{ site.serving-path }}/domains/testing-expand/firewall-filter-host; +} diff --git a/images_build/server_web/domains/testing-expand/firewall-filter-host/index.html b/images_build/server_web/domains/testing-expand/firewall-filter-host/index.html new file mode 100644 index 0000000..ba182ae --- /dev/null +++ b/images_build/server_web/domains/testing-expand/firewall-filter-host/index.html @@ -0,0 +1,12 @@ +--- +subdomain: testing-firewall-filter-host +layout: page +favicon: green +background: green +--- + +<div id="content"> + <h1 style="font-size: 12vw;"> + {{ page.subdomain }}.<br>{{ site.domain }} + </h1> +</div> diff --git a/images_build/server_web/domains/testing-expand/firewall-filter-url.conf b/images_build/server_web/domains/testing-expand/firewall-filter-url.conf new file mode 100644 index 0000000..e7f902f --- /dev/null +++ b/images_build/server_web/domains/testing-expand/firewall-filter-url.conf @@ -0,0 +1,18 @@ +--- +--- +server { + listen 80; + server_name testing-firewall-filter-url.{{ site.domain }}; + + include {{ site.serving-path }}/common/common.conf; + root {{ site.serving-path }}/domains/testing-expand/firewall-filter-url; +} + +server { + listen 443; + server_name testing-firewall-filter-url.{{ site.domain }}; + + include {{ site.serving-path }}/nginx-includes/wildcard-normal.conf; + include {{ site.serving-path }}/nginx-includes/tls-defaults.conf; + root {{ site.serving-path }}/domains/testing-expand/firewall-filter-url; +} diff --git a/images_build/server_web/domains/testing-expand/firewall-filter-url/index.html b/images_build/server_web/domains/testing-expand/firewall-filter-url/index.html new file mode 100644 index 0000000..afe9f0e --- /dev/null +++ b/images_build/server_web/domains/testing-expand/firewall-filter-url/index.html @@ -0,0 +1,12 @@ +--- +subdomain: testing-firewall-filter-url +layout: page +favicon: green +background: green +--- + +<div id="content"> + <h1 style="font-size: 12vw;"> + {{ page.subdomain }}.<br>{{ site.domain }} + </h1> +</div> diff --git a/images_build/server_web/domains/testing-expand/proxy-filter-host.conf b/images_build/server_web/domains/testing-expand/proxy-filter-host.conf new file mode 100644 index 0000000..803d250 --- /dev/null +++ b/images_build/server_web/domains/testing-expand/proxy-filter-host.conf @@ -0,0 +1,18 @@ +--- +--- +server { + listen 80; + server_name testing-proxy-filter-host.{{ site.domain }}; + + include {{ site.serving-path }}/common/common.conf; + root {{ site.serving-path }}/domains/testing-expand/proxy-filter-host; +} + +server { + listen 443; + server_name testing-proxy-filter-host.{{ site.domain }}; + + include {{ site.serving-path }}/nginx-includes/wildcard-normal.conf; + include {{ site.serving-path }}/nginx-includes/tls-defaults.conf; + root {{ site.serving-path }}/domains/testing-expand/proxy-filter-host; +} diff --git a/images_build/server_web/domains/testing-expand/proxy-filter-host/index.html b/images_build/server_web/domains/testing-expand/proxy-filter-host/index.html new file mode 100644 index 0000000..2948d92 --- /dev/null +++ b/images_build/server_web/domains/testing-expand/proxy-filter-host/index.html @@ -0,0 +1,12 @@ +--- +subdomain: testing-proxy-filter-host +layout: page +favicon: green +background: green +--- + +<div id="content"> + <h1 style="font-size: 12vw;"> + {{ page.subdomain }}.<br>{{ site.domain }} + </h1> +</div> diff --git a/images_build/server_web/domains/testing-expand/proxy-filter-url.conf b/images_build/server_web/domains/testing-expand/proxy-filter-url.conf new file mode 100644 index 0000000..cfb2cb6 --- /dev/null +++ b/images_build/server_web/domains/testing-expand/proxy-filter-url.conf @@ -0,0 +1,18 @@ +--- +--- +server { + listen 80; + server_name testing-proxy-filter-url.{{ site.domain }}; + + include {{ site.serving-path }}/common/common.conf; + root {{ site.serving-path }}/domains/testing-expand/proxy-filter-url; +} + +server { + listen 443; + server_name testing-proxy-filter-url.{{ site.domain }}; + + include {{ site.serving-path }}/nginx-includes/wildcard-normal.conf; + include {{ site.serving-path }}/nginx-includes/tls-defaults.conf; + root {{ site.serving-path }}/domains/testing-expand/proxy-filter-url; +} diff --git a/images_build/server_web/domains/testing-expand/proxy-filter-url/index.html b/images_build/server_web/domains/testing-expand/proxy-filter-url/index.html new file mode 100644 index 0000000..73fb42c --- /dev/null +++ b/images_build/server_web/domains/testing-expand/proxy-filter-url/index.html @@ -0,0 +1,12 @@ +--- +subdomain: testing-proxy-filter-url +layout: page +favicon: green +background: green +--- + +<div id="content"> + <h1 style="font-size: 12vw;"> + {{ page.subdomain }}.<br>{{ site.domain }} + </h1> +</div> |