Firewall rule and config integrity checks across exports and change systems
Project description
fwintegrity
Compare policy audit exports (tabular) with change tickets (CSV or dict rows). Normalize addresses, services, and change kinds, then match rows bidirectionally or build atomic triple indexes for coverage checks.
Install
pip install fwintegrity
Quick use
from fwintegrity import (
AUDIT_EXPORT_DEFAULT_MAPPING,
TICKET_CSV_DEFAULT_MAPPING,
build_ticket_triple_index,
from_csv_text,
link_audit_to_ticket_requests,
load_change_rows,
)
audit_rows = load_change_rows(from_csv_text(audit_csv), AUDIT_EXPORT_DEFAULT_MAPPING)
ticket_rows = load_change_rows(from_csv_text(ticket_csv), TICKET_CSV_DEFAULT_MAPPING)
links = link_audit_to_ticket_requests(audit_rows, ticket_rows)
idx = build_ticket_triple_index(ticket_rows)
Legacy string audit CSV (wide _CANON headers) still works: link_audit_to_ticket_requests(audit_csv_text, ticket_csv_text).
See scripts/sample_demo.py for a minimal example.
Documentation
- Customization guide — how to adapt parsers, column maps, ignore lists, and matching rules to your organization’s formats (vendor-neutral extension points).
Features (summary)
- Endpoints: IPv4 literals/CIDR, prefixed audit-export tokens (
IP_,Host_,net_,Range_, …), optional object/group names; mixed cells becomeAddrCompound. - Services:
TCP_443-style audit tokens, loose ticket strings (TCP 80 UDP 53), optional service object names →ServiceCompound. - Matching: bidirectional containment on source, destination, and service (
change_match,compare_changes). - Triples:
TicketTripleIndex/audit_triples_all_in_indexfor(src_atom, dst_atom, svc_atom)style checks. - Loading: declare columns with
ChangeRowMapping, thenfrom_csv_text/from_csv_path/from_excel_path/from_dict_rows/from_package_resource+load_change_rows(seetable_load.py).
Requirements
Python 3.10+
Development
pip install -e ".[dev]"
pytest
ruff check src tests
Build and publish to PyPI
- Create a PyPI account and API token.
- Bump
versioninpyproject.tomlandsrc/fwintegrity/__init__.py(__version__). - Build and upload:
pip install build twine
python -m build
twine check dist/*
twine upload dist/*
Use TestPyPI first if you prefer: twine upload --repository testpypi dist/*
Customization (PyPI / offline)
The wheel ships the Python package only. Vendor-specific behavior is adjusted by editing or wrapping:
| Area | Location |
|---|---|
| Column mapping + unified load | table_load.ChangeRowMapping, load_change_rows, from_* sources; optional mapping= on load_audit_table / load_ticket_table |
| Audit CSV header → keys (legacy wide export) | audit_report._CANON |
| Ticket id columns | ticket._TICKET_NUMBER_KEYS |
| Address & service parsing | normalize.parse_*, expand_audit_network_token, _iter_loose_tcp_udp_segments |
| Change-kind compatibility (audit vs ticket) | compare.DEFAULT_AUDIT_TO_TICKET_KINDS or pass matrix= |
| Ignored services (ICMP, etc.) | ignore_lists.DEFAULT_IGNORED_SERVICE_NAMES, merged_ignored_service_names |
| Triple key strings | triple_index.endpoint_atom_keys, service_atom_keys |
Clone the repository for the full walkthrough: docs/CUSTOMIZATION.md (Chinese, file paths and hooks).
License
MIT — see LICENSE.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file fwintegrity-0.3.0.tar.gz.
File metadata
- Download URL: fwintegrity-0.3.0.tar.gz
- Upload date:
- Size: 23.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8d021c3cb564dc574e62b168c5b9e08c7c5ced402f5e2b19445903c4782a73a5
|
|
| MD5 |
ce4cd82eed56e1f4a5ba159c5b817400
|
|
| BLAKE2b-256 |
941618d9235ef2cf74e4573b5b6f9098731ff9630982141a26b2b20cbb7562e2
|
Provenance
The following attestation bundles were made for fwintegrity-0.3.0.tar.gz:
Publisher:
python-publish.yml on Duckweeds7/fwintegrity
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
fwintegrity-0.3.0.tar.gz -
Subject digest:
8d021c3cb564dc574e62b168c5b9e08c7c5ced402f5e2b19445903c4782a73a5 - Sigstore transparency entry: 1533822297
- Sigstore integration time:
-
Permalink:
Duckweeds7/fwintegrity@a82ca8bac22c1b470b20301d2cd7408425292a26 -
Branch / Tag:
refs/tags/v0.3.0 - Owner: https://github.com/Duckweeds7
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
python-publish.yml@a82ca8bac22c1b470b20301d2cd7408425292a26 -
Trigger Event:
release
-
Statement type:
File details
Details for the file fwintegrity-0.3.0-py3-none-any.whl.
File metadata
- Download URL: fwintegrity-0.3.0-py3-none-any.whl
- Upload date:
- Size: 20.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
62e7a2f9fa76b1354cbbbf765edffd6539adc0bdd60dd58d23509e5940c331fb
|
|
| MD5 |
ad3e261310b4c5e1b09ca279ce5d8ddc
|
|
| BLAKE2b-256 |
75697d4a77e25db25ffed9f3ffe2453059a3907a63517b033bb08021cf308c47
|
Provenance
The following attestation bundles were made for fwintegrity-0.3.0-py3-none-any.whl:
Publisher:
python-publish.yml on Duckweeds7/fwintegrity
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
fwintegrity-0.3.0-py3-none-any.whl -
Subject digest:
62e7a2f9fa76b1354cbbbf765edffd6539adc0bdd60dd58d23509e5940c331fb - Sigstore transparency entry: 1533822547
- Sigstore integration time:
-
Permalink:
Duckweeds7/fwintegrity@a82ca8bac22c1b470b20301d2cd7408425292a26 -
Branch / Tag:
refs/tags/v0.3.0 - Owner: https://github.com/Duckweeds7
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
python-publish.yml@a82ca8bac22c1b470b20301d2cd7408425292a26 -
Trigger Event:
release
-
Statement type: