Aerleon

Generate firewall configs for multiple firewall platforms from a single platform-agnostic configuration language through a command line tool and Python API.

Aerleon is a fork of Capirca with the following major additions:

YAML policy and network definition files and pol2yaml, a converter from Capirca policy DSL to YAML.
Network definitions with FQDN data.
New firewall platforms can be added through plugins.
Typed Python APIs for ACL generation and aclcheck queries.
A SLSA-compatible verifiable release process.
A detailed regression test suite.
Many bug fixes and performance enhancements.

Prerequisites

Aerleon requires Python 3.8 or higher.

Installation Steps

You can install Aerleon using one of the following package managers:

Option 1: pip (Python Package Index)

Install Aerleon using pip:

pip install aerleon

Option 2: Homebrew (macOS/Linux)

Install Aerleon using Homebrew:

brew install aerleon

Overview

Aerleon provides a command line tool and a Python API to generate configs for multiple firewall platforms from a single platform-agnostic configuration language. Supported platforms include Cisco, Juniper, Palo Alto Networks, and many others.

A getting started guide is available to walk through the basics of using Aerleon.

Documentation

Full documentation can be found at https://aerleon.readthedocs.io/en/latest/.

Contributing

Contributions are welcome. Please review the contributing guidelines and code of conduct.

Contact

Official Communication Channels

Issues: GitHub Issues.
Discussions: GitHub Discussions.
Community Chat: Slack Server.

Maintainers

Rob Ankeny (ankenyr@gmail.com)
Jason Benterou (jason.benterou@gmail.com)

Version History

Refer to the changelog for version updates.

Resources

Credits

Files and code included in this project from Capirca are copyright Google and are included under the terms of the Apache License, Version 2.0. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Contributors who wish to modify files bearing a copyright notice are obligated by the terms of the Apache License, Version 2.0 to include at the top of the file a prominent notice stating as much. Copyright notices must not be removed from files in this repository.

This README file and other documentation files may contain phrases and sections that are copyright Google. This file and other documentation files are modified from the original by the Aerleon Project Team.

Contributors ✨

Thanks goes to these wonderful people (emoji key):

_{Ken Celenza}
📖

_{Axel F}
📖

_{Brandon Bennett}
💻

_{Bastian Triller}
💻

_{Arzhel Younsi}
💻

This project follows the all-contributors specification. Contributions of any kind welcome!

Name		Name	Last commit message	Last commit date
Latest commit History 1,191 Commits
.devcontainer		.devcontainer
.github		.github
.vscode		.vscode
aerleon		aerleon
benchmarks		benchmarks
def		def
docs		docs
policies		policies
schemas		schemas
tests		tests
tools		tools
.all-contributorsrc		.all-contributorsrc
.git-blame-ignore-revs		.git-blame-ignore-revs
.gitignore		.gitignore
.pre-commit-config.yaml		.pre-commit-config.yaml
.readthedocs.yml		.readthedocs.yml
.travis.yml		.travis.yml
AUTHORS		AUTHORS
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
MANIFEST.in		MANIFEST.in
README.md		README.md
SECURITY.md		SECURITY.md
aerleon.yml		aerleon.yml
codecov.yml		codecov.yml
make_dist.sh		make_dist.sh
mkdocs.yml		mkdocs.yml
noxfile.py		noxfile.py
poetry.lock		poetry.lock
poetry.toml 8000		poetry.toml
pyproject.toml		pyproject.toml
requirements.txt		requirements.txt
runtime.txt		runtime.txt
test.ipt		test.ipt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation