aerleon
Generate firewall configs for multiple firewall platforms from a single platform-agnostic configuration language through a command line tool and Python API.
Aerleon is a fork of Capirca with the following major additions:
- YAML policy and network definition files and pol2yaml, a converter from Capirca policy DSL to YAML.
- Network definitions with FQDN data.
- New firewall platforms can be added through plugins.
- Typed Python APIs for ACL generation and aclcheck queries.
- A SLSA-compatible verifiable release process.
- A detailed regression test suite.
- Many bug fixes and performance enhancements.
Core Supported Generators
- Arista
- Aruba
- Brocade
- Cisco
- Cisco ASA
- Cisco NX
- Cisco XR
- Cloud Armor
- Google
- Cloud Armor
- GCE
- GCP
- IPSet
- IPTables
- Juniper
- JuniperSRX
- Juniper EVO
- Juniper MPC
- Kubernetes
- NFTables
- VMWare NSXV
- Packet Filter
- Palo Alto
- PCAP Filters
- Windows
- Advanced Firewall
- IPSec
Install & Use
Copyright (C) 2023 aerleon
