CN112769810A - Firewall testing method and device, nonvolatile storage medium and electronic device - Google Patents

Firewall testing method and device, nonvolatile storage medium and electronic device Download PDF

Info

Publication number
CN112769810A
CN112769810A CN202011641893.XA CN202011641893A CN112769810A CN 112769810 A CN112769810 A CN 112769810A CN 202011641893 A CN202011641893 A CN 202011641893A CN 112769810 A CN112769810 A CN 112769810A
Authority
CN
China
Prior art keywords
test
equipment
subtask
subtasks
task
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011641893.XA
Other languages
Chinese (zh)
Other versions
CN112769810B (en
Inventor
秦亭亭
张峰
虞安虎
张萍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hillstone Networks Co Ltd
Original Assignee
Hillstone Networks Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hillstone Networks Co Ltd filed Critical Hillstone Networks Co Ltd
Priority to CN202011641893.XA priority Critical patent/CN112769810B/en
Publication of CN112769810A publication Critical patent/CN112769810A/en
Application granted granted Critical
Publication of CN112769810B publication Critical patent/CN112769810B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a firewall testing method and device, a nonvolatile storage medium and an electronic device. Wherein, the method comprises the following steps: determining a plurality of test subtasks according to the type of topology networking adopted by a plurality of scripts of the target test task during testing; determining a test subtask sequence corresponding to the shortest time required when the test equipment in the calling equipment pool executes the target test task; and based on the sequence of the test subtasks in the test subtask sequence, sequentially acquiring the topological network required by the test subtasks formed by the test equipment from the test equipment pool to execute the test, and releasing the test equipment used by the test subtask to the equipment pool after the test of each test subtask is executed until the test of the last test subtask in the test subtask sequence is executed. The invention solves the technical problems of low equipment utilization rate and low test efficiency of the automatic firewall test method in the related technology.

Description

Firewall testing method and device, nonvolatile storage medium and electronic device
Technical Field
The invention relates to the technical field of network security, in particular to a firewall testing method and device, a nonvolatile storage medium and an electronic device.
Background
With the advent of the big data age, various network attack threats emerge endlessly, and network security is particularly important. The firewall device is a key device in network security, and is used for constructing a protection barrier inside a network and at the exit of a gateway so as to protect user data and information security and provide better use experience.
The automatic testing of the firewall is an effective means for ensuring that the firewall equipment can quickly return under the condition of quick function iteration and the old function is not degenerated. In the firewall automation test scheme in the related art, as shown in fig. 1, usually a plurality of fixed devices are used, networking is manually completed in advance, designated scripts are allocated to the topology environment of the fixed networking, and then the scripts are sequentially executed in sequence, and the automation test mainly has the following disadvantages:
the topological networking has high degree of dependence on manpower and low degree of automation, and when the equipment is numerous and the networking is complex, the manual construction and dismantling of the environment are time-consuming and errors are easily introduced; the requirement of the test equipment is large, and the automatic test cost is high. Under the condition that the script covers various topological networking, a plurality of fixed networking environments need to be set up in advance. A large amount of test equipment resources are occupied; the utilization rate of the test equipment is low. Because the number of scripts under each topology is different, the number of scripts under some networking is small, or the total running time is short, and after all the scripts under the networking environment are run, the equipment under the environment is in an idle state and cannot be reused by the scripts under other topology networking; the fault tolerance rate is low and the stability is poor; due to the fixed test environment, once a certain equipment fault occurs in the running process, if crash occurs, the subsequent scripts distributed to the equipment in the test script set cannot run, manual timely intervention is needed, the test can be guaranteed to run continuously, and the running time of the scripts is long.
In summary, with the increasing number of automation scripts, the topology networking is increasingly complex, and the resource of the device available for testing is very limited, the firewall automation test in the related art cannot utilize the measurable device to the maximum extent, and can implement stable operation of large-scale automation scripts in a fault-tolerant manner in the shortest time.
Aiming at the problems of low equipment utilization rate and low test efficiency of the automatic firewall test method in the related technology, no effective solution is provided at present.
Disclosure of Invention
The embodiment of the invention provides a firewall testing method and device, a nonvolatile storage medium and an electronic device, which are used for at least solving the technical problems of low equipment utilization rate and low testing efficiency of an automatic firewall testing method in the related technology.
According to an aspect of the embodiments of the present invention, there is provided a firewall testing method, including: determining a plurality of test subtasks according to the type of topology networking adopted by a plurality of scripts of a target test task during testing, wherein each type of topology networking corresponds to one test subtask, and each test subtask comprises at least one script; determining a test subtask sequence corresponding to the shortest time required when a test device in a calling device pool executes the target test task, wherein the device pool comprises a plurality of test devices required for executing the target test task; and based on the sequence of the test subtasks in the test subtask sequence, sequentially acquiring a topological network required by the test equipment to form the test subtasks from the test equipment pool to execute the test, and releasing the test equipment used by the test subtasks to the equipment pool after the test of each test task is executed until the test of the last test subtask in the test subtask sequence is executed.
Optionally, when it is determined that the test device in the call device pool executes the target test task, the test subtask sequence corresponding to the shortest time required by the test device in the call device pool includes: determining a plurality of test rules of a plurality of test subtasks, wherein each test rule corresponds to a test sequence of the plurality of test subtasks; acquiring script information of a plurality of scripts of the target test task, wherein the script information at least comprises a script name, test equipment information required by script operation and operation duration of the script; obtaining available test equipment information in the equipment pool, wherein the available test equipment information at least comprises an idle equipment type and an equipment number; determining the testing time length for calling the testing equipment in the equipment pool to execute the target testing task based on each testing rule, the script information of the scripts and the available testing equipment information to obtain a plurality of testing time lengths; and determining the shortest time length in the plurality of test time lengths, and determining the test subtask sequence according to the test sequence contained in the test rule corresponding to the shortest time length.
Optionally, determining, based on each of the test rules, the script information of the plurality of scripts, and the available test device information, a test duration for calling the test devices in the device pool to execute the target test task includes: determining a first task list corresponding to a test subtask to be run, a second task list corresponding to the test subtask in the running process, and a third task list corresponding to the test subtask in the running process, wherein the first task list, the second task list, and the third task list respectively include test equipment information required by each test subtask in the corresponding type to form a topology network, a preset duration for finishing running a script in each test subtask in the corresponding type, and a running start time and a running finish time of each test subtask in the corresponding type; based on a test sequence contained in the test rule, sequencing the test subtasks to be operated in the first task list, searching the available test equipment required by the test subtasks to be operated in a list corresponding to the available test equipment information according to a sequencing result, determining the operation starting time of the test subtasks to be operated as the current time under the existence condition, determining the sum of the preset time and the operation ending time of the test subtasks to be operated as the ending time, and moving the test subtasks to be operated from the first task list to the second task list; and sequencing the running test subtasks in the first task list according to running end time, moving the running test subtasks corresponding to the minimum running end time in a sequencing result from the second task list to the third task list until the quantity of the running test subtasks in the third task list is equal to the quantity of the plurality of test subtasks corresponding to the target test task, and determining the test duration corresponding to the test rule based on the end time corresponding to the last running test subtask in the third task list.
Optionally, in a process of sequentially obtaining, based on the sequence of the test subtasks in the test subtask sequence, a topology network required by the test device to form the test subtask from the test device pool to execute a test, the method further includes: under the condition that the test subtasks to be operated do not exist or all the test subtasks to be operated do not obtain the required test equipment in the equipment pool, traversing the test subtasks in operation if the residual test equipment exists in the equipment pool, and judging whether the target test subtasks with the residual operation time length larger than the target threshold exist in the test subtasks in operation or not; under the condition that the target test subtask exists, judging whether the residual equipment in the equipment pool meets the requirement of the test equipment for running the target test subtask; and under the condition of meeting the requirement, splitting the target test subtask to obtain a first target test subtask and a second target test subtask, and distributing the residual test equipment to the second target test subtask.
Optionally, in a process of sequentially obtaining, based on the sequence of the test subtasks in the test subtask sequence, a topology network required by the test device to form the test subtask from the test device pool to execute a test, the method further includes: and under the condition that the fault test equipment is detected, triggering alarm information, and stopping executing the operation of releasing the fault test equipment to the equipment pool.
Optionally, in a process of sequentially obtaining, based on the sequence of the test subtasks in the test subtask sequence, a topology network required by the test device to form the test subtask from the test device pool to execute a test, the method further includes: and when the condition of the fault test equipment is detected, adding test equipment with the same type as the fault test equipment to the equipment pool.
According to another aspect of the embodiments of the present invention, there is also provided a firewall testing apparatus, including: the device comprises a first determining module, a second determining module and a testing module, wherein the first determining module is used for determining a plurality of testing subtasks according to the types of topology networking adopted by a plurality of scripts of a target testing task during testing, each type of topology networking corresponds to one testing subtask, and each testing subtask comprises at least one script; a second determining module, configured to determine a test subtask sequence corresponding to a shortest time required for a test device in a device pool to execute the target test task, where the device pool includes multiple test devices required for executing the target test task; and the test module is used for sequentially acquiring a topological network required by test equipment to form the test subtasks from the test equipment pool based on the sequence of the test subtasks in the test subtask sequence so as to execute the test, and releasing the test equipment used by the test subtasks to the equipment pool after the test of each test task subtask is executed until the test of the last test subtask in the test subtask sequence is executed.
Optionally, the second determining module includes: the device comprises a first determining unit, a second determining unit and a control unit, wherein the first determining unit is used for determining a plurality of test rules of a plurality of test subtasks, and each test rule corresponds to a test sequence of running of the plurality of test subtasks; the device comprises a first acquisition unit, a second acquisition unit and a control unit, wherein the first acquisition unit is used for acquiring script information of a plurality of scripts of the target test task, and the script information at least comprises script names, test equipment information required by script operation and operation duration of the scripts; a second obtaining unit, configured to obtain available test device information in the device pool, where the available test device information at least includes an idle device type and a device number; a second determining unit, configured to determine, based on each of the test rules, the script information of the multiple scripts, and the available test device information, a test duration for calling the test devices in the device pool to execute the target test task, so as to obtain multiple test durations; and the third determining unit is used for determining the shortest time length in the plurality of test time lengths and determining the test subtask sequence according to the test sequence contained in the test rule corresponding to the shortest time length.
According to another aspect of the embodiments of the present invention, there is also provided a non-volatile storage medium, which includes a stored program, wherein the program controls a device in which the non-volatile storage medium is located to execute a firewall testing method when running.
According to another aspect of the embodiments of the present invention, there is also provided an electronic device, including a processor and a memory; the memory has stored therein computer readable instructions, and the processor is configured to execute the computer readable instructions, wherein the computer readable instructions when executed perform a firewall testing method.
In the embodiment of the invention, a plurality of test subtasks are determined according to the type of topology networking adopted by a plurality of scripts of a target test task during testing, wherein each type of topology networking corresponds to one test subtask, and each test subtask comprises at least one script; determining a test subtask sequence corresponding to the shortest time required when a test device in a calling device pool executes a target test task, wherein the device pool comprises a plurality of test devices required by the target test task; based on the sequence of the test subtasks in the test subtask sequence, the topological network required by the test equipment to form the test subtasks is sequentially obtained from the test equipment pool to execute the test, and after the test of each test subtask is executed, the test equipment used by the test subtask is released to the equipment pool until the test of the last test subtask in the test subtask sequence is executed.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
FIG. 1 is a schematic diagram of a topological networking according to firewall automation testing in the prior art;
FIG. 2 is a flow chart of a firewall testing method according to an embodiment of the invention;
FIG. 3 is a schematic diagram of a topological networking for automated testing of firewalls, in accordance with an alternative embodiment of the present invention;
FIG. 4 is a flow diagram of a simulation process of the optimal strategy prediction module for each strategy in accordance with an alternative embodiment of the present invention;
FIG. 5 is a timing diagram of the operation of a plurality of subtasks according to an alternative embodiment of the present invention;
FIG. 6 is a timing diagram illustrating a reduction in the overall task run time during the running of a plurality of subtasks in accordance with an alternative embodiment of the present invention;
fig. 7 is a schematic diagram of a firewall testing apparatus according to an embodiment of the invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
In accordance with an embodiment of the present invention, there is provided an embodiment of a firewall testing method, it should be noted that the steps illustrated in the flowchart of the figure may be performed in a computer system such as a set of computer-executable instructions and that although a logical order is illustrated in the flowchart, in some cases the steps illustrated or described may be performed in an order different than here.
Fig. 2 is a flowchart of a firewall testing method according to an embodiment of the present invention, as shown in fig. 2, the method includes the following steps:
step S202, determining a plurality of test subtasks according to the type of topology networking adopted by a plurality of scripts of a target test task during testing, wherein each type of topology networking corresponds to one test subtask, and each test subtask comprises at least one script;
step S204, determining a test subtask sequence corresponding to the shortest time required when the test equipment in the equipment pool is called to execute the target test task, wherein the equipment pool comprises a plurality of test equipment required by executing the target test task;
step S206, based on the sequence of the test subtasks in the test subtask sequence, the topology network required by the test equipment to form the test subtasks is sequentially obtained from the test equipment pool to execute the test, and after the test of each test task is executed, the test equipment used by the test subtask is released to the equipment pool until the test of the last test subtask in the test subtask sequence is executed.
Through the steps, the firewall testing method can achieve the purpose of flexible and efficient automatic testing, so that the technical effects of improving the utilization rate of testing equipment and the testing efficiency are achieved, and the technical problems of low equipment utilization rate and low testing efficiency of the firewall automatic testing method in the related technology are solved.
It should be noted that the firewall testing method can be applied to various network devices (such as firewalls, NIPS, ADCs, and the like), and is used for automated testing in a scenario where the number of automated scripts is large, the topology is complex and diverse, the testing resources are limited, and fast regression is required.
The test equipment is a firewall, various network protocols flow through the firewall, the network protocols are constructed through a PC, an HTTP client is installed on the PC, an HTTP server is installed on the other PC, the client network server sends a request, and get and put messages are transmitted from the firewall through networking, which is equivalent to construction of the flow.
Optionally, when it is determined that the test device in the call device pool executes the target test task, the test subtask sequence corresponding to the shortest time required by the test device in the call device pool includes: determining a plurality of test rules of a plurality of test subtasks, wherein each test rule corresponds to a test sequence in which the plurality of test subtasks run; acquiring script information of a plurality of scripts of a target test task, wherein the script information at least comprises a script name, test equipment information required by script operation and operation duration of the script; obtaining available test equipment information in an equipment pool, wherein the available test equipment information at least comprises an idle equipment type and an equipment number; determining the test duration of the test equipment in the calling equipment pool for executing the target test task based on each test rule, the script information of the scripts and the available test equipment information to obtain a plurality of test durations; and determining the shortest time length in the plurality of test time lengths, and determining the test subtask sequence according to the test sequence contained in the test rule corresponding to the shortest time length.
As an optional implementation manner, in the process of determining the test duration for the test device in the calling device pool to execute the target test task, it is required to determine a plurality of test rules of a plurality of test subtasks, obtain script information of a plurality of scripts of the target test task, obtain available test device information in the device pool, and then obtain a plurality of test durations for the test device in the calling device pool to execute the target test task according to each test rule, the script information of the plurality of scripts, and the available test device information. It should be noted that each of the above test rules corresponds to a test sequence in which a plurality of test subtasks are run.
As an optional implementation manner, the shortest time duration may be screened from a plurality of test time durations for executing the target test task by the test device in the call device pool, and the test subtask sequence may be obtained according to the test rule associated with the shortest time duration. It should be noted that the test rule includes a test sequence in which a plurality of test subtasks are run.
In a specific implementation process, the script information includes, but is not limited to, a script name, test equipment information required by script operation, operation duration of the script, and the like; the available test device information includes, but is not limited to, idle device type, number of devices, and the like.
By the implementation mode, an optimal test scheme can be obtained, so that the time for executing the test task is shortest, and the efficiency is highest.
Optionally, determining, based on each test rule, script information of a plurality of scripts, and available test device information, a test duration for calling test devices in the device pool to execute the target test task includes: determining a first task list corresponding to a test subtask to be run, a second task list corresponding to the test subtask in the running process and a third task list corresponding to the test subtask in the running process, wherein the first task list, the second task list and the third task list respectively comprise test equipment information required by each test subtask in the corresponding type to form a topological network, preset running completion time of a script in each test subtask in the corresponding type, and running start time and running completion time of each test subtask in the corresponding type; based on a test sequence contained in the test rule, sequencing test subtasks to be operated in the first task list, searching available test equipment required by the test subtasks to be operated in a list corresponding to the available test equipment information according to a sequencing result, determining the operation starting time of the test subtasks to be operated as the current time under the existence condition, determining the sum of the preset time and the operation ending time of the test subtasks to be operated as the ending time, and moving the test subtasks to be operated from the first task list to the second task list; and sequencing the running test subtasks in the first task list according to the running end time, moving the running test subtasks corresponding to the minimum running end time in the sequencing result from the second task list to the third task list until the quantity of the running end test subtasks in the third task list is equal to the quantity of the plurality of test subtasks corresponding to the target test task, and determining the test duration corresponding to the test rule based on the end time corresponding to the last running end test subtask in the third task list.
As an optional implementation manner, the test subtasks in different test stages correspond to different task lists, for example, a first task list corresponding to a test subtask to be run, a second task list corresponding to a test subtask in running, and a third task list corresponding to a test subtask that has been run. The content in the task list includes, but is not limited to, test device information required by each test subtask to form a topology network, a preset time length for completing the running of a script in each test subtask, a running start time and a running end time of each test subtask, and the like. It should be noted that the contents in the task list may be different in different testing stages.
As an optional implementation manner, the test subtasks to be run in the first task list may be sorted according to a test sequence included in the test rule, available test equipment required by the test subtasks to be run is searched in a list corresponding to the available test equipment information according to a sorting result, if the available test equipment exists in the equipment pool, the running start time of the test subtask to be run is determined as the current time, the sum of the preset time length and the running end time of the test subtask to be run is determined as the end time, and the test subtask to be run is moved from the first task list to the second task list. By the method, the current time and the ending time of the test subtask to be run can be obtained in the process of converting the test subtask to be run into the test subtask in running.
As an optional implementation manner, the running test subtasks in the first task list may be sorted according to the running end time, and the running test subtask corresponding to the minimum running end time in the sorting result is moved from the second task list to the third task list, so that the test duration corresponding to the test rule may be obtained according to the end time corresponding to the last running end test subtask in the third task list. It should be noted that the number of the test subtasks in the third task list after the end of the operation is equal to the number of the plurality of test subtasks corresponding to the target test task, which is equivalent to the end of the operation of the last test subtask in the target test task.
Optionally, in the process of sequentially obtaining, based on the sequence of the test subtasks in the test subtask sequence, the topology network required by the test apparatus to form the test subtask from the test apparatus pool to execute the test, the method further includes: under the condition that the test subtasks to be operated do not exist or all the test subtasks to be operated do not obtain the required test equipment in the equipment pool, traversing the test subtasks in operation if the residual test equipment exists in the equipment pool, and judging whether the target test subtasks with the residual operation time length larger than the target threshold exist in the test subtasks in operation or not; under the condition that the target test subtask exists, judging whether the residual equipment in the equipment pool meets the requirement of the test equipment for running the target test subtask; and under the condition of meeting, splitting the target test subtask to obtain a first target test subtask and a second target test subtask, and distributing the rest test equipment to the second target test subtask.
As an optional implementation manner, in the case that there is no test subtask to be run or all test subtasks to be run do not obtain the required test equipment in the equipment pool, if there are remaining test equipment in the equipment pool, traversing the running test subtask, and determining whether there is a target test subtask whose remaining running time is greater than a target threshold in the running test subtask; further, if the target test subtask with the residual running time length larger than the target threshold exists in the running test subtasks, whether the residual equipment in the equipment pool meets the requirement of the test equipment for running the target test subtask is judged; and if the residual equipment in the equipment pool meets the requirement of the test equipment operated by the target test subtask, splitting the target test subtask, and distributing the residual test equipment to the split target test subtask.
Through the embodiment, the idle test equipment can be more effectively utilized in a mode of splitting the test task, so that the idle test equipment is avoided.
Optionally, in the process of sequentially obtaining, based on the sequence of the test subtasks in the test subtask sequence, the topology network required by the test apparatus to form the test subtask from the test apparatus pool to execute the test, the method further includes: and under the condition that the fault test equipment is detected, triggering alarm information, and stopping executing the operation of releasing the fault test equipment to the equipment pool.
As an optional implementation manner, in the process of executing the test, whether the test device fails or not may be detected, for example, a fault such as a test resource Crash or a connection abnormality may be detected, and once the fault occurs, the fault test device may be marked, and meanwhile, alarm information may be triggered. It should be noted that the triggering alarm information includes, but is not limited to, an email, a short message, a voice, and the like. In addition, in order to reduce the influence of the fault test equipment on the subsequent script operation to the maximum extent, the fault test equipment may not be released to the equipment pool, so that the fault test equipment does not participate in the subsequent resource allocation any more.
Optionally, in the process of sequentially obtaining, based on the sequence of the test subtasks in the test subtask sequence, the topology network required by the test apparatus to form the test subtask from the test apparatus pool to execute the test, the method further includes: and detecting the condition of the fault test equipment, and adding the test equipment with the same type as the fault test equipment to the equipment pool.
As an optional implementation manner, if the condition of the failure test device is detected, a test device of the same type as the failure test device may be added to the device pool, so that the newly added test device in the device pool replaces the original failure test device, and the newly added test device may be used for deploying and using a subsequent test subtask, thereby better ensuring a subsequent test task.
An alternative embodiment of the invention is described in detail below.
Fig. 3 is a schematic diagram of a topology networking of an automatic firewall test according to an alternative embodiment of the present invention, and as shown in fig. 3, the firewall test method according to the alternative embodiment of the present invention may automatically split a script into a plurality of test subtasks (one test subtask uses one type of topology networking) by only defining a batch of test devices and specifying the script to be tested. The delineated test devices constitute a test device pool. And then, based on the current resource demand condition of each subtask and the quantity distribution condition of each type of equipment in the available test equipment pool, evaluating an optimal task and resource allocation algorithm through an optimal operation strategy prediction module. And according to the allocation algorithm, performing resource application, topology deployment and networking on the subtasks one by one. After each subtask is finished, the equipment is automatically returned to the test equipment pool for continuous use of scripts to be operated under other networking, so that the equipment is maximally ensured not to be idle. And for the equipment with the crash fault in the operation process, the equipment is automatically marked, the equipment pool is not returned to the test equipment pool, and the equipment pool is not used for establishing the topological environment of the subtask subsequently. Test equipment can be dynamically added or removed at any time according to needs in the test equipment pool.
The firewall testing method of the optional embodiment of the invention has the following specific implementation steps:
step one, delineating the test equipment and the script set to be tested.
A user gives all test equipment needed by the test, and gives the following information of the equipment, including equipment models, board card number, interface number, self connection mode, switch information of available interface connection and the like, in a configuration file or database storage mode. These devices constitute the test device pool for this test. Meanwhile, the information of the script set to be tested of the test is given, and the information comprises a script execution sequence, a script name, networking information required by the running of each script, historical running time and the like.
And step two, automatically splitting the script into subtasks.
The complete test of all the scripts is called a parent task. And because the networking environments on which the scripts depend are different in operation, the scripts to be tested are classified and distributed to different subtasks according to different topology networking used by the scripts in a set. One subtask contains a series of scripts that are networked with the same topology. Each subtask is used as an independent operation unit, and test equipment required by the operation of each subtask is distributed in the subsequent operation process of deployment, and a network is automatically established.
And step three, performing subtask allocation operation according to the optimal strategy.
For many subtasks, which task gets the resource first and runs and which task runs later can ensure the shortest running time, which is determined by the script distribution (the equipment resource needed by the script running, the time consumed by the script running) and the condition of the available equipment resource. To obtain the shortest total operation duration, the deployment operation scheme includes, but is not limited to, the following:
(1) preferentially executing subtasks with less firewall resource requirements in the topological networking;
(2) the method comprises the following steps of preferentially executing a subtask with higher firewall resource requirement in the topological networking;
(3) preferentially executing a subtask of topology networking which is expected to run for a long time;
(4) preferentially executing a subtask of topology networking which is expected to run with short time consumption;
(5) preferentially executing subtasks containing Linux pc in the topology networking;
(6) preferentially executing subtasks containing Windows pc in the topology networking;
of course, before operation, the user can arbitrarily specify the required operation strategy according to specific needs. However, in most cases, it is difficult for the user to determine which deployment scenario can ensure that the test can be completed in the shortest time.
To this end, an optimal policy prediction module may be written in advance. By inputting current script information (including the execution sequence of the script, the historical running time and the information of various equipment resources required by running) and testing equipment pool information (the information and the quantity of available interfaces of various types of equipment), the prediction module can quickly predict the strategy algorithm which consumes the shortest time to run under the conditions based on the current script and the equipment by simulating the running modes of various strategies.
FIG. 4 is a flow chart of a simulation process of the optimal strategy prediction module for each strategy according to an alternative embodiment of the present invention, as shown in FIG. 4, whose flow outline steps are described as follows:
1. three lists are built:
config _ tasklist, list of subtasks to be run.
running _ tasklist running the neutron task list.
finish _ tasklist-list of subtasks that end running.
The objects in the list are each subtask information. Recording resource information (the number of firewall devices, the number of windows pc, the number of winpcnum, and the number of linux pcnum) required by each subtask, wherein the expected running time of all scripts in the task, namely running time, is estimated, the running time of the task is started, and the running time of the task is ended.
2. Adding the device information of the device running pool into a devpool list (the number of firewall devices is dutnum, the number of windows pc is winpcnum, the number of linux pc is linux pcnum)
3. And sequencing the subtasks in the config _ tasklist according to the current strategy scheme. If the current evaluation strategy is that the subtasks with less firewall resource requirements in the topological networking are preferentially executed, the subtasks are sorted from small to large according to the dutnum, and if the current evaluation strategy is that the subtasks of the topological networking with shorter expected time consumption are preferentially executed, the subtasks are sorted from small to large according to the timetop.
4. And for the task list config _ tasklist to be run, trying to find whether available resources exist in devpool one by one according to the priority sequence arranged in the previous step. If the devpool has the devices meeting the conditions, setting the start time of the to-be-run sub-task as the current time (the first task, the start time is 0), and setting the end time as the start time + time. It is removed from the config _ tasklist and added to the running _ tasklist. And directly skipping the tasks to be run without processing for the device resources which can not meet the conditions in the devpool.
5. And for the running task list running _ tasklist, sorting the list from small to large according to the endtime. And taking the task with the minimum endtime, removing the task out of running _ tasklist, adding the task into finish _ tasklist, and returning the device resources occupied by the task into a devpool list. Note that: only one task in running tasklist is processed at a time. This is because the resources are reconfigured when the running of each subtask ends, and the sequence of task ending times in running _ tasklist changes.
6. It is determined whether the number of tasks in finish _ tasklist is equal to the total number of subtasks. If so, the process ends. Otherwise, acquiring the endtime of the last finish task as the predicted running time of the current strategy. Otherwise, returning to the step 4 and continuing a new round of circulation.
And (4) according to the steps 1 to 6, after all strategies are simulated, returning the strategy with the shortest running time of the obtained simulation result as the optimal strategy.
Fig. 5 is a timing diagram of the operation of multiple subtasks according to an alternative embodiment of the present invention, and as shown in fig. 5, the current script to be tested can be split into 6 subtasks according to different networking conditions, and the optimal task allocation policy is selected according to the above scheme. At the beginning of use, in the test device pool, there are resources that can satisfy tasks 1, 2, and 3 at the same time, so the start time start _ time of tasks 1, 2, and 3 is the same. And when each task is finished, releasing the resources for the next task which is not operated until all the tasks finish resource allocation, networking and operation.
And step four, automatically networking the equipment.
After the task allocation operation sequence is determined, each allocated and operated subtask establishes a topology environment required by operation for the equipment resources allocated to the subtask in an automatic networking mode. The automatic networking process is that a logic topology is realized through an autonomously developed network topology deployment engine, the topology mapping is completed with the selected test equipment, and then the test topology is automatically deployed based on the VLAN technology of the switching interconnection equipment (such as a switch, an OVS and the like).
And fifthly, disassembling the subtasks which are long in time consumption and run so as to ensure that the test equipment is not idle.
In order to ensure that the resources of the test equipment are not idle as much as possible, in addition to the general task allocation process described above, the following long and time-consuming task disassembly process in operation can be added.
In the task running process, when all the tasks to be run cannot obtain available resources in devpool and the devpool still has the remaining testing equipment resources, traversing the running _ task running tasks one by one, and if the remaining running time is found to be greater than a certain threshold, for example, 2 hours, checking the remaining equipment in the devpool to determine whether the running resource requirements of the running tasks can be met. If the task is satisfied, the running task is further split into new subtasks, and the residual equipment resources are distributed to the new subtasks and run in parallel with the original running subtasks. Therefore, the utilization rate of equipment resources is ensured, and the total running time of the tasks can be effectively shortened.
Fig. 6 is a timing diagram illustrating the total running time of the task during running of a plurality of subtasks according to an alternative embodiment of the present invention, and as shown in fig. 6, the script following the task 3 can be intercepted to form a subtask 3.1, and the total running time can be shortened.
And identifying faults of the test resources Crash or abnormal connection and the like in the running process of the subtasks, and marking the faults. Such devices no longer revert to the pool of test devices, i.e. do not participate in subsequent resource allocation. And sends out an alarm mail. Therefore, the influence of the fault equipment on the subsequent script operation is reduced to the maximum extent. Meanwhile, new available equipment can be flexibly added into the equipment operation pool at any time. For the subsequent subtask deployment.
In the optional embodiment of the invention, the technical algorithms such as network topology automatic mapping and deployment technology, parallel test algorithm measuring and calculating technology, test resource dynamic allocation and the like are utilized, and the invention mainly has the following beneficial effects in five aspects:
(1) the manual maintenance cost of automatically testing the fixed networking environment is eliminated, and meanwhile, the probability of networking faults caused by manual operation is reduced.
(2) The test can be quickly established only by delineating the equipment to be tested and the script to be tested and giving relevant information.
(3) And (4) performing operation time evaluation on various allocation strategies through an optimal strategy prediction module to give an optimal task allocation scheme. The adopted tasks and resource allocation strategies are ensured to be adapted to the current scripts and equipment scenes, and the shortest running time and the optimal running efficiency are achieved.
(4) And a running disassembly scheme of a long time-consuming task is introduced to maximally ensure that the test equipment is not idle.
(5) For the failed equipment, the test equipment pool can be removed at any time. And a tester can put the fault-free equipment into the test equipment pool at any time, so that the subsequent test is ensured to be carried out smoothly.
Example 2
According to another aspect of the embodiments of the present invention, there is also provided a firewall testing apparatus, and fig. 7 is a schematic diagram of the firewall testing apparatus according to the embodiments of the present invention, as shown in fig. 7, the firewall testing apparatus includes: a first determination module 72, a second determination module 74, and a test module 76. The firewall testing apparatus will be described in detail below.
A first determining module 72, configured to determine a plurality of test subtasks according to types of topology networking used by a plurality of scripts of a target test task during testing, where each type of topology networking corresponds to one test subtask, and each test subtask includes at least one script; a second determining module 74, connected to the first determining module 72, configured to determine a test subtask sequence corresponding to a shortest time required for invoking a test device in a device pool to execute a target test task, where the device pool includes a plurality of test devices required for executing the target test task; and a testing module 76, connected to the second determining module 74, configured to sequentially obtain, based on the sequence of the testing subtasks in the testing subtask sequence, a topology network required by the testing devices to form the testing subtasks from the testing device pool to execute the testing, and release the testing devices used by the testing subtasks to the device pool after the testing of each testing task subtask is executed until the testing of the last testing subtask in the testing subtask sequence is executed.
In the embodiment of the invention, the firewall testing device can achieve the purpose of flexible and efficient automatic testing, thereby realizing the technical effect of improving the utilization rate of testing equipment and the testing efficiency, and further solving the technical problems of low equipment utilization rate and low testing efficiency of the firewall automatic testing method in the related technology.
It should be noted that the above modules may be implemented by software or hardware, for example, for the latter, the following may be implemented: the modules can be located in the same processor; alternatively, the modules may be located in different processors in any combination.
It should be noted here that the first determining module 72, the second determining module 74 and the testing module 76 correspond to steps S202 to S206 in embodiment 1, and the modules are the same as the corresponding steps in the implementation example and application scenarios, but are not limited to the disclosure in embodiment 1. It should be noted that the modules described above as part of an apparatus may be implemented in a computer system such as a set of computer-executable instructions.
Optionally, the second determining module includes: the device comprises a first determining unit, a second determining unit and a control unit, wherein the first determining unit is used for determining a plurality of test rules of a plurality of test subtasks, and each test rule corresponds to a test sequence of running of the plurality of test subtasks; the device comprises a first acquisition unit, a second acquisition unit and a third acquisition unit, wherein the first acquisition unit is used for acquiring script information of a plurality of scripts of a target test task, and the script information at least comprises a script name, test equipment information required by script operation and operation duration of the script; the second acquisition unit is used for acquiring available test equipment information in the equipment pool, wherein the available test equipment information at least comprises an idle equipment type and an equipment number; the second determining unit is used for determining the testing time length for calling the testing equipment in the equipment pool to execute the target testing task based on each testing rule, the script information of the scripts and the available testing equipment information to obtain a plurality of testing time lengths; and the third determining unit is used for determining the shortest time length in the plurality of test time lengths and determining the test subtask sequence according to the test sequence contained in the test rule corresponding to the shortest time length.
Optionally, the second determining unit includes: the device comprises a first determining subunit, a second determining subunit and a third determining subunit, wherein the first determining subunit is used for determining a first task list corresponding to a test subtask to be operated, a second task list corresponding to the test subtask in operation and a third task list corresponding to the test subtask in operation, and the first task list, the second task list and the third task list respectively comprise test equipment information required by the topology network formed by each test subtask in a corresponding type, a preset time length for completing the operation of a script in each test subtask in the corresponding type and an operation starting time and an operation ending time of each test subtask in the corresponding type; the first processing subunit is used for sequencing the test subtasks to be operated in the first task list based on the test sequence contained in the test rule, searching available test equipment required by the test subtasks to be operated in a list corresponding to the available test equipment information according to a sequencing result, determining the operation starting time of the test subtasks to be operated as the current time under the existence condition, determining the sum of the preset time length and the operation ending time of the test subtasks to be operated as the ending time, and moving the test subtasks to be operated from the first task list to the second task list; and the second processing subunit is used for sequencing the running test subtasks in the first task list according to the running end time, moving the running test subtasks corresponding to the minimum running end time in the sequencing result from the second task list to the third task list until the quantity of the running end test subtasks in the third task list is equal to the quantity of the plurality of test subtasks corresponding to the target test task, and determining the test time length corresponding to the test rule based on the end time corresponding to the last running end test subtask in the third task list.
Optionally, the test module further includes: the first processing unit is used for traversing the running test subtasks if the residual test equipment exists in the equipment pool under the condition that the test subtasks to be run do not exist or all the test subtasks to be run do not obtain the required test equipment in the equipment pool, and judging whether the target test subtasks with the residual running time longer than a target threshold exist in the running test subtasks or not; the second processing unit is used for judging whether the residual equipment in the equipment pool meets the requirement of the test equipment operated by the target test subtask or not under the condition that the target test subtask exists; and the third processing unit is used for splitting the target test subtask under the condition of meeting the requirement to obtain a first target test subtask and a second target test subtask, and distributing the residual test equipment to the second target test subtask.
Optionally, the test module further includes: and the fourth processing unit is used for triggering alarm information and stopping executing the operation of releasing the fault test equipment to the equipment pool under the condition that the fault test equipment is detected.
Optionally, the test module further includes: and the fifth processing unit is used for detecting the condition of the fault test equipment and adding the test equipment with the same type as the fault test equipment to the equipment pool.
Example 3
According to another aspect of the embodiments of the present invention, there is also provided a non-volatile storage medium including a stored program, wherein the program controls a device in which the non-volatile storage medium is located to execute a firewall testing method when running.
Example 4
According to another aspect of the embodiments of the present invention, there is also provided an electronic device, including a processor and a memory; the memory has stored therein computer readable instructions, and the processor is configured to execute the computer readable instructions, wherein the computer readable instructions when executed perform a firewall testing method.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
In the above embodiments of the present invention, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units may be a logical division, and in actual implementation, there may be another division, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (10)

1. A firewall testing method is characterized by comprising the following steps:
determining a plurality of test subtasks according to the type of topology networking adopted by a plurality of scripts of a target test task during testing, wherein each type of topology networking corresponds to one test subtask, and each test subtask comprises at least one script;
determining a test subtask sequence corresponding to the shortest time required when a test device in a calling device pool executes the target test task, wherein the device pool comprises a plurality of test devices required for executing the target test task;
and based on the sequence of the test subtasks in the test subtask sequence, sequentially acquiring a topological network required by the test equipment to form the test subtasks from the test equipment pool to execute the test, and releasing the test equipment used by the test subtasks to the equipment pool after the test of each test task is executed until the test of the last test subtask in the test subtask sequence is executed.
2. The method of claim 1, wherein determining the test subtask sequence corresponding to the shortest duration required when the test device in the call device pool executes the target test task comprises:
determining a plurality of test rules of a plurality of test subtasks, wherein each test rule corresponds to a test sequence of the plurality of test subtasks;
acquiring script information of a plurality of scripts of the target test task, wherein the script information at least comprises a script name, test equipment information required by script operation and operation duration of the script;
obtaining available test equipment information in the equipment pool, wherein the available test equipment information at least comprises an idle equipment type and an equipment number;
determining the testing time length for calling the testing equipment in the equipment pool to execute the target testing task based on each testing rule, the script information of the scripts and the available testing equipment information to obtain a plurality of testing time lengths;
and determining the shortest time length in the plurality of test time lengths, and determining the test subtask sequence according to the test sequence contained in the test rule corresponding to the shortest time length.
3. The method of claim 2, wherein determining a test duration for invoking test equipment in the equipment pool to perform the target test task based on each of the test rules, script information for the plurality of scripts, and the available test equipment information comprises:
determining a first task list corresponding to a test subtask to be run, a second task list corresponding to the test subtask in the running process, and a third task list corresponding to the test subtask in the running process, wherein the first task list, the second task list, and the third task list respectively include test equipment information required by each test subtask in the corresponding type to form a topology network, a preset duration for finishing running a script in each test subtask in the corresponding type, and a running start time and a running finish time of each test subtask in the corresponding type;
based on a test sequence contained in the test rule, sequencing the test subtasks to be operated in the first task list, searching the available test equipment required by the test subtasks to be operated in a list corresponding to the available test equipment information according to a sequencing result, determining the operation starting time of the test subtasks to be operated as the current time under the existence condition, determining the sum of the preset time and the operation ending time of the test subtasks to be operated as the ending time, and moving the test subtasks to be operated from the first task list to the second task list;
and sequencing the running test subtasks in the first task list according to running end time, moving the running test subtasks corresponding to the minimum running end time in a sequencing result from the second task list to the third task list until the quantity of the running test subtasks in the third task list is equal to the quantity of the plurality of test subtasks corresponding to the target test task, and determining the test duration corresponding to the test rule based on the end time corresponding to the last running test subtask in the third task list.
4. The method according to claim 1, wherein in the process of sequentially obtaining, based on the order of the test subtasks in the test subtask sequence, the topological networks required by the test devices to form the test subtasks from the test device pool to perform the test, the method further comprises:
under the condition that the test subtasks to be operated do not exist or all the test subtasks to be operated do not obtain the required test equipment in the equipment pool, traversing the test subtasks in operation if the residual test equipment exists in the equipment pool, and judging whether the target test subtasks with the residual operation time length larger than the target threshold exist in the test subtasks in operation or not;
under the condition that the target test subtask exists, judging whether the residual equipment in the equipment pool meets the requirement of the test equipment for running the target test subtask;
and under the condition of meeting the requirement, splitting the target test subtask to obtain a first target test subtask and a second target test subtask, and distributing the residual test equipment to the second target test subtask.
5. The method according to claim 1, wherein in the process of sequentially obtaining, based on the order of the test subtasks in the test subtask sequence, the topological networks required by the test devices to form the test subtasks from the test device pool to perform the test, the method further comprises:
and under the condition that the fault test equipment is detected, triggering alarm information, and stopping executing the operation of releasing the fault test equipment to the equipment pool.
6. The method according to claim 5, wherein in the process of sequentially obtaining the topology network required by the test equipment to compose the test subtask from the test equipment pool based on the order of the test subtasks in the test subtask sequence to execute the test, the method further comprises:
and when the condition of the fault test equipment is detected, adding test equipment with the same type as the fault test equipment to the equipment pool.
7. A firewall testing device, comprising:
the device comprises a first determining module, a second determining module and a testing module, wherein the first determining module is used for determining a plurality of testing subtasks according to the types of topology networking adopted by a plurality of scripts of a target testing task during testing, each type of topology networking corresponds to one testing subtask, and each testing subtask comprises at least one script;
a second determining module, configured to determine a test subtask sequence corresponding to a shortest time required for a test device in a device pool to execute the target test task, where the device pool includes multiple test devices required for executing the target test task;
and the test module is used for sequentially acquiring a topological network required by test equipment to form the test subtasks from the test equipment pool based on the sequence of the test subtasks in the test subtask sequence so as to execute the test, and releasing the test equipment used by the test subtasks to the equipment pool after the test of each test task subtask is executed until the test of the last test subtask in the test subtask sequence is executed.
8. The apparatus of claim 7, wherein the second determining module comprises:
the device comprises a first determining unit, a second determining unit and a control unit, wherein the first determining unit is used for determining a plurality of test rules of a plurality of test subtasks, and each test rule corresponds to a test sequence of running of the plurality of test subtasks;
the device comprises a first acquisition unit, a second acquisition unit and a control unit, wherein the first acquisition unit is used for acquiring script information of a plurality of scripts of the target test task, and the script information at least comprises script names, test equipment information required by script operation and operation duration of the scripts;
a second obtaining unit, configured to obtain available test device information in the device pool, where the available test device information at least includes an idle device type and a device number;
a second determining unit, configured to determine, based on each of the test rules, the script information of the multiple scripts, and the available test device information, a test duration for calling the test devices in the device pool to execute the target test task, so as to obtain multiple test durations;
and the third determining unit is used for determining the shortest time length in the plurality of test time lengths and determining the test subtask sequence according to the test sequence contained in the test rule corresponding to the shortest time length.
9. A non-volatile storage medium, comprising a stored program, wherein the program when executed controls a device in which the non-volatile storage medium is located to perform the firewall testing method of any one of claims 1 to 6.
10. An electronic device comprising a processor and a memory, the memory having computer-readable instructions stored therein, the processor being configured to execute the computer-readable instructions, wherein the computer-readable instructions are configured to execute the firewall testing method according to any one of claims 1 to 6.
CN202011641893.XA 2020-12-31 2020-12-31 Firewall testing method and device, nonvolatile storage medium and electronic device Active CN112769810B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011641893.XA CN112769810B (en) 2020-12-31 2020-12-31 Firewall testing method and device, nonvolatile storage medium and electronic device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011641893.XA CN112769810B (en) 2020-12-31 2020-12-31 Firewall testing method and device, nonvolatile storage medium and electronic device

Publications (2)

Publication Number Publication Date
CN112769810A true CN112769810A (en) 2021-05-07
CN112769810B CN112769810B (en) 2023-04-07

Family

ID=75698526

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011641893.XA Active CN112769810B (en) 2020-12-31 2020-12-31 Firewall testing method and device, nonvolatile storage medium and electronic device

Country Status (1)

Country Link
CN (1) CN112769810B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113488410A (en) * 2021-06-25 2021-10-08 北京北方华创微电子装备有限公司 Semiconductor processing equipment and control method and device of moving part thereof
CN114301805A (en) * 2021-12-14 2022-04-08 山石网科通信技术股份有限公司 Method and device for determining number of devices and electronic device
CN114302351A (en) * 2022-03-09 2022-04-08 太平金融科技服务(上海)有限公司深圳分公司 Short message service processing method and device, computer equipment and storage medium
CN114301638A (en) * 2021-12-13 2022-04-08 山石网科通信技术股份有限公司 Method and device for reproducing firewall rules, storage medium and processor
CN115297024A (en) * 2022-08-19 2022-11-04 山石网科通信技术股份有限公司 Performance test method and device of network security equipment and electronic equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108055161A (en) * 2017-12-28 2018-05-18 新华三技术有限公司 A kind of networking optimization method and device
CN110365552A (en) * 2019-07-09 2019-10-22 山石网科通信技术股份有限公司 Test method, device, storage medium and processor
CN111159006A (en) * 2018-11-07 2020-05-15 迈普通信技术股份有限公司 Automatic testing method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108055161A (en) * 2017-12-28 2018-05-18 新华三技术有限公司 A kind of networking optimization method and device
CN111159006A (en) * 2018-11-07 2020-05-15 迈普通信技术股份有限公司 Automatic testing method and device
CN110365552A (en) * 2019-07-09 2019-10-22 山石网科通信技术股份有限公司 Test method, device, storage medium and processor

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113488410A (en) * 2021-06-25 2021-10-08 北京北方华创微电子装备有限公司 Semiconductor processing equipment and control method and device of moving part thereof
CN114301638A (en) * 2021-12-13 2022-04-08 山石网科通信技术股份有限公司 Method and device for reproducing firewall rules, storage medium and processor
CN114301638B (en) * 2021-12-13 2024-02-06 山石网科通信技术股份有限公司 Firewall rule reproduction method and device, storage medium and processor
CN114301805A (en) * 2021-12-14 2022-04-08 山石网科通信技术股份有限公司 Method and device for determining number of devices and electronic device
CN114301805B (en) * 2021-12-14 2024-04-26 山石网科通信技术股份有限公司 Method and device for determining number of devices and electronic device
CN114302351A (en) * 2022-03-09 2022-04-08 太平金融科技服务(上海)有限公司深圳分公司 Short message service processing method and device, computer equipment and storage medium
CN115297024A (en) * 2022-08-19 2022-11-04 山石网科通信技术股份有限公司 Performance test method and device of network security equipment and electronic equipment
CN115297024B (en) * 2022-08-19 2024-02-06 山石网科通信技术股份有限公司 Performance test method and device of network security equipment and electronic equipment

Also Published As

Publication number Publication date
CN112769810B (en) 2023-04-07

Similar Documents

Publication Publication Date Title
CN112769810B (en) Firewall testing method and device, nonvolatile storage medium and electronic device
CN102214139B (en) Automatic test performance control and debugging method facing distributed system
US9444717B1 (en) Test generation service
CN104461693B (en) Virtual machine update method and system under a kind of desktop cloud computing environment
CN111881014B (en) System test method, device, storage medium and electronic equipment
CN108984179B (en) Linux compiling processing method and device
CN107870948A (en) Method for scheduling task and device
CN111258913A (en) Automatic algorithm testing method and device, computer system and readable storage medium
CN114692169B (en) Page vulnerability processing method applying big data and AI analysis and page service system
CN112799596A (en) Capacity expansion control method and device for storage resources and electronic equipment
CN111124911A (en) Automatic testing method, device, equipment and readable storage medium
CN111258591A (en) Program deployment task execution method and device, computer equipment and storage medium
CN110990289B (en) Method and device for automatically submitting bug, electronic equipment and storage medium
CN114416589B (en) Network target range comprehensive detection method, device, equipment and readable storage medium
WO2016018352A1 (en) Platform configuration selection based on a degraded makespan
CN109450724A (en) A kind of test method and relevant apparatus of NFS internal memory optimization function
EP4152715A1 (en) Method and apparatus for determining resource configuration of cloud service system
CN116701043B (en) Heterogeneous computing system-oriented fault node switching method, device and equipment
CN115632944B (en) Node configuration method, device, equipment, readable storage medium and server
CN111930476B (en) Task scheduling method and device and electronic equipment
CN114301805B (en) Method and device for determining number of devices and electronic device
CN115297024A (en) Performance test method and device of network security equipment and electronic equipment
CN115237441A (en) Upgrade test method, device and medium based on cloud platform
CN114297067A (en) Script testing method and device
CN114328196A (en) Method, device and equipment for testing data leakage prevention system and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant