Generate firewall configs for multiple firewall platforms from a single platform-agnostic configuration language through a command line tool and Python API.
Aerleon is a fork of Capirca with the following enhancements:
- New platform generators can now be added as plugins. Users no longer need to fork the project to add support for new platforms. Common platform support is still built in.
- YAML is now supported for policy files, network definitions, and service definitions.
- A powerful new Generate API is added that accepts policies, network definitions, and service definitions as native Python data.
- Performance in address book generation for SRX and Palo Alto targets is greatly improved.
- A detailed regression test suite was added to the project.
- Unit and regression tests run automatically on all pull requests.
- New developer tools are integrated with the project: Poetry, PyProject, nox, Codecov, Sigstore.
See the 1.0.0 Release Notes for a complete list of changes.
Aerleon requires Python 3.7 or higher.
pip install aerleon
Aerleon provides a command line tool and a Python API that will generate configs for multiple firewall platforms from a single platform-agnostic configuration language. It can generate configs for Cisco, Juniper, Palo Alto Networks and many other firewall vendors.
A getting started guide walking through the basics of using Aerleon is avaiable on the docs website.
Documentation can be found at https://aerleon.readthedocs.io/en/latest/.
Contributions are welcome. Please review the contributing guidelines and code of conduct for this project.
Official channels for communicating issues is via Github Issues.
General discussions can be had either in Github Discussions or in our Slack Server.
You can always reach out to us on Slack. You many also reach out to us via e-mail.
Rob Ankeny ([email protected])
Jason Benterou ([email protected])
- Brief Overview (4 slides):
- Nanog49; Enterprise QoS
- Blog Post: Safe ACL Change through Model-based Analysis
- Aerleon Slack
- #aerleon at NetworkToCode Slack
Thanks goes to these wonderful people (emoji key):
Ken Celenza 📖 |
Axel F 📖 |
|||||
Add your contributions |
This project follows the all-contributors specification. Contributions of any kind welcome!
Files and code included in this project from Capirca are copyright Google and are included under the terms of the Apache License, Version 2.0. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Contributors who wish to modify files bearing a copyright notice are obligated by the terms of the Apache License, Version 2.0 to include at the top of the file a prominent notice stating as much. Copyright notices must not be removed from files in this repository.
This README file and other documentation files may contain phrases and sections that are copyright Google. This file and other documentation files are modified from the original by the Aerleon Project Team.