def test_mail_check_addr_a2(self): # 下发配置 fun.send(rbmExc, message.addsmtp['AddAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.send(rbmExc, message.addpop3['AddAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') # 检查配置下发是否成功 for key in self.case2_step1: re = fun.wait_data(self.case2_step1[key][0], 'gw', self.case2_step1[key][1], '配置', 100) print(re) assert self.case2_step1[key][1] in re for key in self.case2_step11: re = fun.wait_data(self.case2_step11[key][0], 'gw', self.case2_step11[key][1], '配置', 100) print(re) assert self.case2_step11[key][1] in re fun.send(rbmExc, message.mailcheck2['SetMailCheck'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') for key in self.case2_step2: re = fun.wait_data(self.case2_step2[key][0], 'gw', self.case2_step2[key][1], '配置', 100) print(re) assert self.case2_step2[key][1] in re # 发送邮件,邮件地址为白名单地址 result1 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_path, self.file, self.title, self.context, 0, 0) print('白名单地址{}结果为:{}'.format(self.mail_sender, result1)) assert result1 == 1 # 接收邮件 msg = recv_pop3.get_email(self.pop3_email, self.pop3_pwd, self.pop3_server_host, self.pop3_server_port) mail_list = recv_pop3.print_info(msg) # 解析 assert self.title, self.context in mail_list print('白名单接收者{}成功接收邮件'.format(self.pop3_email)) # 发送邮件,邮件地址为非白名单地址 result2 = send_smtp.post_email(self.deny_mail, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.deny_mail, self.deny_pwd, self.attach_path, self.file, self.title, self.context, 0, 0) print('非白名单地址{}结果为:{}'.format(self.deny_mail, result2)) assert result2 == 0
def test_mail_check_extend_a1(self): # 下发配置 fun.send(rbmExc, message.addsmtp['AddAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.send(rbmExc, message.addpop3['AddAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') # 检查配置下发是否成功 for key in self.case1_step1: re = fun.wait_data(self.case1_step1[key][0], 'gw', self.case1_step1[key][1], '配置', 100) print(re) assert self.case1_step1[key][1] in re for key in self.case1_step11: re = fun.wait_data(self.case1_step11[key][0], 'gw', self.case1_step11[key][1], '配置', 100) print(re) assert self.case1_step11[key][1] in re fun.send(rbmExc, message.mailcheck1['SetMailCheck'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') for key in self.case1_step2: re = fun.wait_data(self.case1_step2[key][0], 'gw', self.case1_step2[key][1], '配置', 100) print(re) assert self.case1_step2[key][1] in re # 发送邮件,邮件地址为黑名单文件扩展名 result1 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.case1_attach1, self.case1_file1, self.case1_title, self.context, 0, 1) print('黑名单文件扩展名{}结果为:{}'.format(self.case1_file1, result1)) assert result1 == 0 # 发送邮件,邮件地址为非黑名单文件扩展名 result2 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.case1_attach2, self.case1_file2, self.case1_title, self.context, 0, 1) print('非黑名单文件扩展名{}结果为:{}'.format(self.case1_file2, result2)) assert result2 == 1 # 接收邮件 msg = recv_pop3.get_email(self.pop3_email, self.pop3_pwd, self.pop3_server_host, self.pop3_server_port) mail_list = recv_pop3.print_info(msg) # 解析 assert self.case1_title, self.context in mail_list
def test_iso_tcp_a1(self): # 下发配置 fun.send(rbmExc, message.addsmtp_front['AddCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.addsmtp_back['AddCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') fun.send(rbmExc, message.addpop3_front['AddCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.addpop3_back['AddCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') # 检查配置下发是否成功 for key in self.case1_step1: re = fun.wait_data(self.case1_step1[key][0], 'FrontDut', self.case1_step1[key][1], '配置', 100) print(re) assert self.case1_step1[key][1] in re for key in self.case1_step11: re = fun.wait_data(self.case1_step11[key][0], 'FrontDut', self.case1_step11[key][1], '配置', 100) print(re) assert self.case1_step11[key][1] in re # 发送邮件,检测隔离代理是否生效 result = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_path, self.file, self.title, self.context, 0, 0) print('隔离下的邮件代理{}结果为:{}'.format(self.title,result)) assert result == 1 # 接收邮件 msg = recv_pop3.get_email(self.pop3_email, self.pop3_pwd, proxy_ip, self.pop3_proxy_port) print(msg) mail_list = recv_pop3.print_info(msg) # 解析 print('接收邮件解析到的列表为{}'.format(mail_list)) assert self.title, self.context in mail_list
def test_iso_mail_check_alltype_a1(self): # 下发配置 print( '1、下发邮件的隔离代理:代理ip为前置机安全卡的ip,port为8885(smtp)和8886(pop3),等待nginx的24个进程起来;cat /etc/jsac/customapp.stream应该包含代理ip和port,netstat -anp |grep tcp应该可以查看到监听ip和端口' ) fun.send(rbmExc, message.addsmtp_front['AddCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.addsmtp_back['AddCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') front_res1 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert front_res1 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') back_res1 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert back_res1 == 1 fun.send(rbmExc, message.addpop3_front['AddCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.addpop3_back['AddCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') front_res2 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert front_res2 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') back_res2 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert back_res2 == 1 # 检查配置下发是否成功 for key in self.case1_step1: re = fun.wait_data(self.case1_step1[key][0], 'FrontDut', self.case1_step1[key][1], '配置', 100) print(re) assert self.case1_step1[key][1] in re for key in self.case1_step11: re = fun.wait_data(self.case1_step11[key][0], 'FrontDut', self.case1_step11[key][1], '配置', 100) print(re) assert self.case1_step11[key][1] in re print( '2、下发地址白名单:[email protected]、[email protected];黑名单主题:test;黑名单文件名:test;附件扩展名黑名单:txt,等待nginx的24个进程起来;cat /etc/jsac/filter.json文件应该包含:allow-from、deny-topic、deny-basename、deny-suffix和地址白名单:[email protected]、[email protected];黑名单主题:test;黑名单文件名:test;附件扩展名黑名单:txt' ) fun.send(rbmExc, message.mailcheck1['SetMailCheck'], FrontDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') add_check = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') assert add_check == 1 for key in self.case1_step2: re = fun.wait_data(self.case1_step2[key][0], 'FrontDut', self.case1_step2[key][1], '配置', 100) print(re) assert self.case1_step2[key][1] in re # 1、发送邮件,邮件地址为非白名单地址 print('3、控制台发送邮件,邮件地址为非白名单地址:[email protected],查看发送结果;发送失败') result1 = send_smtp.post_email(self.deny_mail, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.deny_mail, self.deny_pwd, self.attach_path, self.deny_name_file, self.title, self.context, 0, 1) print('非白名单地址{}结果为:{}'.format(self.deny_mail, result1)) assert result1 == 0 # 2、发送邮件,邮件地址为黑名单主题 print('4、控制台发送邮件,邮件主题为黑名单主题:test,查看发送结果;发送失败') result2 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_path, self.deny_name_file, self.deny_title, self.context, 0, 1) print('黑名单主题{}结果为:{}'.format(self.deny_title, result2)) assert result2 == 0 # 3、发送邮件,邮件地址为黑名单文件名 print('5、控制台发送邮件,邮件附件文件名为黑名单文件名:test,查看发送结果;发送失败') result3 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_file, self.deny_name_file, self.title, self.context, 0, 1) print('黑名单文件名{}结果为:{}'.format(self.deny_name_file, result3)) assert result3 == 0 # 4、发送邮件,邮件地址为黑名单文件扩展名 print('6、控制台发送邮件,邮件附件扩展名为黑名单扩展名:txt,查看发送结果;发送失败') result4 = send_smtp.post_email( self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_extend, self.deny_extend_file, self.title, self.context, 0, 1) print('黑名单文件扩展名{}结果为:{}'.format(self.deny_extend_file, result4)) assert result4 == 0 # 5、发送邮件,邮件地址为白名单地址、非黑名单主题、非黑名单文件名、非黑名单文件扩展名 print( '7、控制台发送邮件,邮件地址为白名单地址:[email protected];非黑名单主题:我不是黑名单主题,测试多种类型(隔离的数据结构检查);附件文件名为非黑名单:1;附件扩展名为非黑名单:xls,查看发送结果;发送成功' ) result5 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_path, self.file, self.title, self.context, 0, 1) print('各种参数均为白名单结果为:{}'.format(result5)) assert result5 == 1 # 接收邮件 print( '8、接收邮件,接收邮件地址为白名单地址:[email protected],查看pop3协议收到的邮件内容是否为刚刚发送的;接收邮件内容为非黑名单扩展名发送的' ) msg = recv_pop3.get_email(self.pop3_email, self.pop3_pwd, self.pop3_server_host, self.pop3_server_port) mail_list = recv_pop3.print_info(msg) # 解析 assert self.title, self.context in mail_list # 移除策略,还原环境 print( '9、移除邮件的隔离策略,清空环境,等待nginx的24个进程起来;cat /etc/jsac/customapp.stream应该不包含代理ip和port' ) fun.send(rbmExc, message.delsmtp_front['DelCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.delsmtp_back['DelCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') fdel_res1 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert fdel_res1 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') bdel_res1 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert bdel_res1 == 1 fun.send(rbmExc, message.delpop3_front['DelCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.delpop3_back['DelCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') fdel_res2 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert fdel_res2 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') bdel_res2 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert bdel_res2 == 1 # 检查策略移除是否成功 for key in self.case1_step1: re = fun.wait_data(self.case1_step1[key][0], 'FrontDut', self.case1_step1[key][1], '配置', 100, flag='不存在') print(re) assert self.case1_step1[key][1] not in re # 检查邮件策略是否清空 print( '10、移除邮件策略,等待nginx的24个进程起来;cat /etc/jsac/filter.json文件应该不包含:mail协议' ) fun.send(rbmExc, message.delmailcheck['DropMailCheck'], FrontDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') del_check = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') assert del_check == 1 for key in self.delcheck: re = fun.wait_data(self.delcheck[key][0], 'FrontDut', self.delcheck[key][1], '配置', 100, flag='不存在') assert self.delcheck[key][1] not in re
def test_mail_check_subject_a1(self): # 下发配置 fun.send(rbmExc, message.addsmtp['AddAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') smtp_res1 = fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') assert smtp_res1 == 1 fun.send(rbmExc, message.addpop3['AddAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') pop3_res1 = fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') assert pop3_res1 == 1 # 检查配置下发是否成功 for key in self.case1_step1: re = fun.wait_data(self.case1_step1[key][0], 'gw', self.case1_step1[key][1], '配置', 100) print(re) assert self.case1_step1[key][1] in re for key in self.case1_step11: re = fun.wait_data(self.case1_step11[key][0], 'gw', self.case1_step11[key][1], '配置', 100) print(re) assert self.case1_step11[key][1] in re fun.send(rbmExc, message.mailcheck1['SetMailCheck'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') add_check = fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') assert add_check == 1 for key in self.case1_step2: re = fun.wait_data(self.case1_step2[key][0], 'gw', self.case1_step2[key][1], '配置', 100) print(re) assert self.case1_step2[key][1] in re # 发送邮件,邮件地址为黑名单主题 result1 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_path, self.file, self.case1_title1, self.context, 0, 0) print('黑名单主题{}结果为:{}'.format(self.case1_title1, result1)) assert result1 == 0 # 发送邮件,邮件地址为非黑名单主题 result2 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_path, self.file, self.case1_title2, self.context, 0, 0) print('非黑名单主题{}结果为:{}'.format(self.case1_title2, result2)) assert result2 == 1 # 接收邮件 msg = recv_pop3.get_email(self.pop3_email, self.pop3_pwd, self.pop3_server_host, self.pop3_server_port) mail_list = recv_pop3.print_info(msg) # 解析 assert self.case1_title2, self.context in mail_list # 移除策略,还原环境 fun.send(rbmExc, message.delsmtp['DelAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') del_smtp = fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') assert del_smtp == 1 fun.send(rbmExc, message.delpop3['DelAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') del_pop3 = fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') assert del_pop3 == 1 # 检查代理是否成功移除 for key in self.case1_step1: re = fun.wait_data(self.case1_step1[key][0], 'gw', self.case1_step1[key][1], '配置', 100, flag='不存在') assert self.case1_step1[key][1] not in re # 检查邮件策略是否清空 fun.send(rbmExc, message.delmailcheck['DropMailCheck'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') del_check = fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') assert del_check == 1 for key in self.delcheck: re = fun.wait_data(self.delcheck[key][0], 'gw', self.delcheck[key][1], '配置', 100, flag='不存在') assert self.delcheck[key][1] not in re
def test_iso_mail_check_subject_a2(self): # 下发配置 print( '1、下发邮件的隔离代理:代理ip为前置机安全卡的ip,port为8885(smtp)和8886(pop3),等待nginx的24个进程起来;cat /etc/jsac/customapp.stream应该包含代理ip和port,netstat -anp |grep tcp应该可以查看到监听ip和端口' ) fun.send(rbmExc, message.addsmtp_front['AddCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.addsmtp_back['AddCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') front_res1 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert front_res1 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') back_res1 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert back_res1 == 1 fun.send(rbmExc, message.addpop3_front['AddCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.addpop3_back['AddCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') front_res2 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert front_res2 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') back_res2 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert back_res2 == 1 # 检查配置下发是否成功 for key in self.case1_step1: re = fun.wait_data(self.case1_step1[key][0], 'FrontDut', self.case1_step1[key][1], '配置', 100) print(re) assert self.case1_step1[key][1] in re for key in self.case1_step11: re = fun.wait_data(self.case1_step11[key][0], 'FrontDut', self.case1_step11[key][1], '配置', 100) print(re) assert self.case1_step11[key][1] in re print( '2、下发黑名单主题:test和abc,等待nginx的24个进程起来;cat /etc/jsac/filter.json文件应该包含:deny-topic和黑名单主题:test、abc' ) fun.send(rbmExc, message.mailcheck2['SetMailCheck'], FrontDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') add_check = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') assert add_check == 1 for key in self.case2_step2: re = fun.wait_data(self.case2_step2[key][0], 'FrontDut', self.case2_step2[key][1], '配置', 100) print(re) assert self.case2_step2[key][1] in re # 发送邮件,邮件地址为黑名单主题 print('3、控制台发送邮件,邮件主题为黑名单主题:test,查看发送结果;发送失败') result1 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_path, self.file, self.case2_title1, self.context, 0, 0) print('第一个黑名单主题{}结果为:{}'.format(self.case2_title1, result1)) assert result1 == 0 print('4、控制台发送邮件,邮件主题为黑名单主题:abc,查看发送结果;发送失败') result2 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_path, self.file, self.case2_title2, self.context, 0, 0) print('第二个黑名单主题{}结果为:{}'.format(self.case2_title2, result2)) assert result2 == 0 # 发送邮件,邮件地址为非黑名单主题 print('5、控制台发送邮件,邮件主题为非黑名单主题,查看发送结果;发送成功') result3 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_path, self.file, self.case2_title3, self.context, 0, 0) print('非黑名单主题{}结果为:{}'.format(self.case2_title3, result3)) assert result3 == 1 # 接收邮件 print('6、接收邮件,查看pop3协议收到的邮件主题是否为非黑名单主题;接收邮件主题为非黑名单主题') msg = recv_pop3.get_email(self.pop3_email, self.pop3_pwd, self.pop3_server_host, self.pop3_server_port) mail_list = recv_pop3.print_info(msg) # 解析 assert self.case2_title3, self.context in mail_list print('白名单接收者{}成功接收邮件'.format(self.pop3_email)) # 移除策略,还原环境 print( '7、移除邮件的隔离策略,清空环境,等待nginx的24个进程起来;cat /etc/jsac/customapp.stream应该不包含代理ip和port' ) fun.send(rbmExc, message.delsmtp_front['DelCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.delsmtp_back['DelCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') fdel_res1 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert fdel_res1 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') bdel_res1 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert bdel_res1 == 1 fun.send(rbmExc, message.delpop3_front['DelCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.delpop3_back['DelCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') fdel_res2 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert fdel_res2 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') bdel_res2 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert bdel_res2 == 1 # 检查策略移除是否成功 for key in self.case1_step1: re = fun.wait_data(self.case1_step1[key][0], 'FrontDut', self.case1_step1[key][1], '配置', 100, flag='不存在') print(re) assert self.case1_step1[key][1] not in re # 检查邮件策略是否清空 print( '8、移除邮件策略,等待nginx的24个进程起来;cat /etc/jsac/filter.json文件应该不包含:mail协议') fun.send(rbmExc, message.delmailcheck['DropMailCheck'], FrontDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') del_check = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') assert del_check == 1 for key in self.delcheck: re = fun.wait_data(self.delcheck[key][0], 'FrontDut', self.delcheck[key][1], '配置', 100, flag='不存在') assert self.delcheck[key][1] not in re
def test_iso_mail_check_addr_a2(self): # 下发配置 print('1、下发邮件的隔离代理:代理ip为前置机安全卡的ip,port为8885(smtp)和8886(pop3),等待nginx的24个进程起来;cat /etc/jsac/customapp.stream应该包含代理ip和port,netstat -anp |grep tcp应该可以查看到监听ip和端口') fun.send(rbmExc, message.addsmtp_front['AddCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.addsmtp_back['AddCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') front_res1 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert front_res1 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') back_res1 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert back_res1 == 1 fun.send(rbmExc, message.addpop3_front['AddCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.addpop3_back['AddCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') front_res2 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert front_res2 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') back_res2 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert back_res2 == 1 # 检查配置下发是否成功 for key in self.case1_step1: re = fun.wait_data(self.case1_step1[key][0], 'FrontDut', self.case1_step1[key][1], '配置', 100) print(re) assert self.case1_step1[key][1] in re for key in self.case1_step11: re = fun.wait_data(self.case1_step11[key][0], 'FrontDut', self.case1_step11[key][1], '配置', 100) print(re) assert self.case1_step11[key][1] in re print('2、下发mail的地址白名单:[email protected]和[email protected],等待nginx的24个进程起来;cat /etc/jsac/filter.json文件应该包含:allow-from和邮件白名单地址:[email protected]、[email protected]') fun.send(rbmExc, message.mailcheck2['SetMailCheck'], FrontDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') add_check = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') assert add_check == 1 for key in self.case2_step2: re = fun.wait_data(self.case2_step2[key][0], 'FrontDut', self.case2_step2[key][1], '配置', 100) print(re) assert self.case2_step2[key][1] in re # 发送邮件,邮件地址为白名单地址 print('3、控制台发送邮件,地址为白名单地址[email protected],查看发送结果;发送成功') result1 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_path, self.file, self.title, self.context, 0, 0) print('白名单地址{}结果为:{}'.format(self.mail_sender, result1)) assert result1 == 1 # 接收邮件 print('4、接收邮件,接收地址为白名单[email protected],查看接收结果;接收成功') msg = recv_pop3.get_email(self.pop3_email, self.pop3_pwd, self.pop3_server_host, self.pop3_server_port) mail_list = recv_pop3.print_info(msg) # 解析 assert self.title, self.context in mail_list print('白名单接收者{}成功接收邮件'.format(self.pop3_email)) # 发送邮件,邮件地址为非白名单地址 print('5、控制台发送邮件,地址为非白名单地址,查看发送结果;发送失败') result2 = send_smtp.post_email(self.deny_mail, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.deny_mail, self.deny_pwd, self.attach_path, self.file, self.title, self.context, 0, 0) print('非白名单地址{}结果为:{}'.format(self.deny_mail, result2)) assert result2 == 0 # 移除策略,还原环境 print('6、移除邮件的隔离策略,清空环境,等待nginx的24个进程起来;cat /etc/jsac/customapp.stream应该不包含代理ip和port') fun.send(rbmExc, message.delsmtp_front['DelCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.delsmtp_back['DelCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') fdel_res1 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert fdel_res1 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') bdel_res1 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert bdel_res1 == 1 fun.send(rbmExc, message.delpop3_front['DelCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.delpop3_back['DelCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') fdel_res2 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert fdel_res2 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') bdel_res2 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert bdel_res2 == 1 # 检查策略移除是否成功 for key in self.case1_step1: re = fun.wait_data(self.case1_step1[key][0], 'FrontDut', self.case1_step1[key][1], '配置', 100, flag='不存在') print(re) assert self.case1_step1[key][1] not in re # 检查邮件策略是否清空 print('7、移除邮件策略,等待nginx的24个进程起来;cat /etc/jsac/filter.json文件应该不包含:mail协议') fun.send(rbmExc, message.delmailcheck['DropMailCheck'], FrontDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') del_check = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') assert del_check == 1 for key in self.delcheck: re = fun.wait_data(self.delcheck[key][0], 'FrontDut', self.delcheck[key][1], '配置', 100, flag='不存在') assert self.delcheck[key][1] not in re
def test_iso_tcp_basic_a1(self): # 下发配置 fun.send(rbmExc, message.addsmtp_front['AddCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.addsmtp_back['AddCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') front_res1 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert front_res1 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') back_res1 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert back_res1 == 1 fun.send(rbmExc, message.addpop3_front['AddCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.addpop3_back['AddCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') front_res2 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert front_res2 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') back_res2 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert back_res2 == 1 # 检查配置下发是否成功 for key in self.case1_step1: re = fun.wait_data(self.case1_step1[key][0], 'FrontDut', self.case1_step1[key][1], '配置', 100) print(re) assert self.case1_step1[key][1] in re for key in self.case1_step11: re = fun.wait_data(self.case1_step11[key][0], 'FrontDut', self.case1_step11[key][1], '配置', 100) print(re) assert self.case1_step11[key][1] in re # 发送邮件,检测隔离代理是否生效 result = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_path, self.file, self.title, self.context, 0, 0) print('隔离下的邮件代理结果为:{}'.format(result)) assert result == 1 # 接收邮件 msg = recv_pop3.get_email(self.pop3_email, self.pop3_pwd, proxy_ip, self.pop3_proxy_port) print('pop3获取邮件返回的内容是:'.format(msg)) mail_list = recv_pop3.print_info(msg) # 解析 print('接收邮件解析到的列表为{}'.format(mail_list)) assert self.title, self.context in mail_list # 移除策略,清空环境 fun.send(rbmExc, message.delsmtp_front['DelCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.delsmtp_back['DelCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') fdel_res1 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert fdel_res1 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') bdel_res1 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert bdel_res1 == 1 fun.send(rbmExc, message.delpop3_front['DelCustomAppPolicy'], FrontDomain, base_path) fun.send(rbmExc, message.delpop3_back['DelCustomAppPolicy'], BackDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process') fdel_res2 = fun.nginx_worker('ps -ef |grep nginx', 'FrontDut', 'nginx: worker process', name='前置机nginx进程') assert fdel_res2 == 1 fun.wait_data('ps -ef |grep nginx', 'BackDut', 'nginx: worker process') bdel_res2 = fun.nginx_worker('ps -ef |grep nginx', 'BackDut', 'nginx: worker process', name='后置机nginx进程') assert bdel_res2 == 1 # 检查策略移除是否成功 for key in self.case1_step1: re = fun.wait_data(self.case1_step1[key][0], 'FrontDut', self.case1_step1[key][1], '配置', 100, flag='不存在') print(re) assert self.case1_step1[key][1] not in re
def test_mail_check_alltype_a1(self): # 下发配置 fun.send(rbmExc, message.addsmtp['AddAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.send(rbmExc, message.addpop3['AddAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') # 检查配置下发是否成功 for key in self.case1_step1: re = fun.wait_data(self.case1_step1[key][0], 'gw', self.case1_step1[key][1], '配置', 100) print(re) assert self.case1_step1[key][1] in re for key in self.case1_step11: re = fun.wait_data(self.case1_step11[key][0], 'gw', self.case1_step11[key][1], '配置', 100) print(re) assert self.case1_step11[key][1] in re fun.send(rbmExc, message.mailcheck1['SetMailCheck'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') for key in self.case1_step2: re = fun.wait_data(self.case1_step2[key][0], 'gw', self.case1_step2[key][1], '配置', 100) print(re) assert self.case1_step2[key][1] in re # 1、发送邮件,邮件地址为非白名单地址 result1 = send_smtp.post_email(self.deny_mail, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.deny_mail, self.deny_pwd, self.attach_path, self.deny_name_file, self.title, self.context, 0, 1) print('非白名单地址{}结果为:{}'.format(self.deny_mail, result1)) assert result1 == 0 # 2、发送邮件,邮件地址为黑名单主题 result2 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_path, self.deny_name_file, self.deny_title, self.context, 0, 1) print('黑名单主题{}结果为:{}'.format(self.deny_title, result2)) assert result2 == 0 # 3、发送邮件,邮件地址为黑名单文件名 result3 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_file, self.deny_name_file, self.title, self.context, 0, 1) print('黑名单文件名{}结果为:{}'.format(self.deny_name_file, result3)) assert result3 == 0 # 4、发送邮件,邮件地址为黑名单文件扩展名 result4 = send_smtp.post_email( self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_extend, self.deny_extend_file, self.title, self.context, 0, 1) print('黑名单文件扩展名{}结果为:{}'.format(self.deny_extend_file, result4)) assert result4 == 0 # 5、发送邮件,邮件地址为白名单地址、非黑名单主题、非黑名单文件名、非黑名单文件扩展名 result5 = send_smtp.post_email(self.mail_sender, self.mail_receivers, self.mail_cc, self.mail_bcc, self.mail_host, self.mail_port, self.mail_user, self.mail_pass, self.attach_path, self.file, self.title, self.context, 0, 1) print('各种参数均为白名单结果为:{}'.format(result5)) assert result5 == 1 # 接收邮件 msg = recv_pop3.get_email(self.pop3_email, self.pop3_pwd, self.pop3_server_host, self.pop3_server_port) mail_list = recv_pop3.print_info(msg) # 解析 assert self.title, self.context in mail_list