Unified Firewall Abstraction laYer for Automation

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for A-Khanafer from gravatar.com A-Khanafer

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Ahmad Khanafer
  • Tags firewall , automation , network , abstraction-layer , unified
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

UFAYA

Unified Firewall Abstraction laYer for Automation

CI PyPI version Python versions License: MIT

UFAYA is a Python SDK that provides a single, consistent interface for interacting with firewalls from multiple vendors. Instead of writing separate automation scripts for each firewall platform, UFAYA exposes a unified abstraction layer that normalizes firewall operations across different systems.

The design follows the same architectural principle used by tools like NAPALM, which provide a unified API to interact with devices from different vendors through an abstraction layer.

Supported Vendors

Vendor Driver Status
Juniper SRX juniper_srx Read-only XML ingestion + firewall-rule JSON export with live policy hit counts + XML-first NAT JSON export
Palo Alto paloalto Skeleton
Fortinet fortinet Skeleton
Cisco cisco Skeleton

Juniper SRX exports

JuniperSRXDriver.export_rules_json(output_dir, mode=...) writes a context-grouped JSON document for parsed security policies.

  • Export modes remain minimal, enriched, and debug.
  • Export payloads now use schema_version: 3.
  • Each exported rule includes a canonical hit_count field.
  • In live mode, UFAYA fetches show security policies hit-count | display xml | no-more and populates hit_count when that operational snapshot is available.
  • The live hit-count parser supports both older policy-information responses and newer Junos operational XML variants such as multi-routing-engine-results with policy-hit-count-entry records.
  • In file mode, or when the live hit-count snapshot cannot be collected, rules still include hit_count: null.
  • Live exports that successfully collect hit counts also include a top-level hit_counts_collected_at UTC timestamp.
  • Hit-count parser maintenance notes live in JUNIPER_HIT_COUNTS.md.

JuniperSRXDriver.export_nat_json(output_dir, mode=...) writes a context-grouped JSON document for parsed Junos NAT rules.

  • NAT export is XML-first in both modes:
    • live mode fetches show configuration | display xml | no-more
    • file mode reads the XML file passed via config_path
  • NAT parsing walks <security><nat><source>, <destination>, and <static> from configuration XML.
  • NAT export modes are also minimal, enriched, and debug.
  • NAT payloads use schema_version: 1.
  • Exported NAT rules use a vendor-agnostic, rule-centric shape with canonical match and translation blocks.
  • Enriched and debug NAT exports also include referenced translation pools under supporting_objects.translation_pools.
  • NAT lookup metadata records Juniper precedence as static, then destination, then source.

Installation

pip install ufaya

Contributing

See CONTRIBUTING.md for guidelines.

License

MIT

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for A-Khanafer from gravatar.com A-Khanafer

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Ahmad Khanafer
  • Tags firewall , automation , network , abstraction-layer , unified
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

0.6.3

0.6.2

0.6.1

This version

0.6.0

0.5.1

0.5.0

0.4.0

0.3.0

0.2.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ufaya-0.6.0.tar.gz (41.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ufaya-0.6.0-py3-none-any.whl (25.7 kB view details)

Uploaded Python 3

File details

Details for the file ufaya-0.6.0.tar.gz.

File metadata

  • Download URL: ufaya-0.6.0.tar.gz
  • Upload date:
  • Size: 41.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for ufaya-0.6.0.tar.gz
Algorithm Hash digest
SHA256 1c481406c44064aed39b4defb8b634cad1bf519380bc79d3c2bb89be060e7728
MD5 176ac10c3e683a126644c2943da1b909
BLAKE2b-256 ae4e9474c806b411ac1faa05db760efcb5328f5aa45df67899c3a55d3c4907f9

See more details on using hashes here.

Provenance

The following attestation bundles were made for ufaya-0.6.0.tar.gz:

Publisher: publish.yml on A-Khanafer/ufaya

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ufaya-0.6.0-py3-none-any.whl.

File metadata

  • Download URL: ufaya-0.6.0-py3-none-any.whl
  • Upload date:
  • Size: 25.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for ufaya-0.6.0-py3-none-any.whl
Algorithm Hash digest
SHA256 64cf5dcd04b25850f7f2114bb5a798ae7f5feab9043d7e2050c8ab0ff79f16de
MD5 a807ae02282f76cb7e7ccf63544a40c0
BLAKE2b-256 0a904520fed27bdf2b3a77bb86e8efadb27d8924e73bc52eee784b5a5c994162

See more details on using hashes here.

Provenance

The following attestation bundles were made for ufaya-0.6.0-py3-none-any.whl:

Publisher: publish.yml on A-Khanafer/ufaya

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page