A firewall generation tool
Project description
Aerleon
Generate firewall configs for multiple firewall platforms from a single platform-agnostic configuration language through a command line tool and Python API.
Aerleon is a fork of Capirca with the following major additions:
- YAML policy and network definition files and pol2yaml, a converter from Capirca policy DSL to YAML.
- Network definitions with FQDN data.
- New firewall platforms can be added through plugins.
- Typed Python APIs for ACL generation and aclcheck queries.
- A SLSA-compatible verifiable release process.
- A detailed regression test suite.
- Many bug fixes and performance enhancements.
Install
Aerleon requires Python 3.7 or higher.
pip install aerleon
Overview
Aerleon provides a command line tool and a Python API that will generate configs for multiple firewall platforms from a single platform-agnostic configuration language. It can generate configs for Cisco, Juniper, Palo Alto Networks and many other firewall vendors.
A getting started guide walking through the basics of using Aerleon is available on the docs website.
Documentation
Documentation can be found at https://aerleon.readthedocs.io/en/latest/.
Contributing
Contributions are welcome. Please review the contributing guidelines and code of conduct for this project.
Contact
Official channels for communicating issues is via Github Issues.
General discussions can be had either in Github Discussions or in our Slack Server.
Contact Maintainers
You can always reach out to us on Slack. You many also reach out to us via e-mail.
Rob Ankeny (ankenyr@gmail.com)
Jason Benterou (jason.benterou@gmail.com)
Resources
- Brief Overview (4 slides):
- Nanog49; Enterprise QoS
- Blog Post: Safe ACL Change through Model-based Analysis
- Aerleon Slack
- #aerleon at NetworkToCode Slack
Contributors ✨
Thanks goes to these wonderful people (emoji key):
Ken Celenza 📖 |
Axel F 📖 |
Brandon Bennett 💻 |
Bastian Triller 💻 |
Arzhel Younsi 💻 |
This project follows the all-contributors specification. Contributions of any kind welcome!
Credit
Files and code included in this project from Capirca are copyright Google and are included under the terms of the Apache License, Version 2.0. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Contributors who wish to modify files bearing a copyright notice are obligated by the terms of the Apache License, Version 2.0 to include at the top of the file a prominent notice stating as much. Copyright notices must not be removed from files in this repository.
This README file and other documentation files may contain phrases and sections that are copyright Google. This file and other documentation files are modified from the original by the Aerleon Project Team.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.