https://github.com/aerleon/aerleon

Multi-platform ACL generation system
https://github.com/aerleon/aerleon

Last synced: 3 days ago
JSON representation

Multi-platform ACL generation system

• Host: GitHub
• URL: https://github.com/aerleon/aerleon
• Owner: aerleon
• License: apache-2.0
• Created: 2022-09-13T22:42:41.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2026-01-17T06:53:01.000Z (29 days ago)
• Last Synced: 2026-01-17T17:58:33.333Z (28 days ago)
• Language: Python
• Homepage: https://aerleon.readthedocs.io/
• Size: 5.07 MB
• Stars: 235
• Watchers: 12
• Forks: 46
• Open Issues: 74
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT.md
  • Security: SECURITY.md
  • Authors: AUTHORS

Awesome Lists containing this project

• awesome-network-automation - Aerleon - Multi-platform ACL generation system with plugin support, YAML-based config, and a Python API. Fork of Capirca. (Library / NETCONF)

README

          
![GitHub](https://img.shields.io/github/license/aerleon/aerleon) [![Code Style](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/ambv/black)

[![PyPI version](https://badge.fury.io/py/aerleon.svg)](https://badge.fury.io/py/aerleon) ![PyPI - Status](https://img.shields.io/pypi/status/aerleon) ![PyPI - Python Version](https://img.shields.io/pypi/pyversions/aerleon) ![PyPI - Downloads](https://img.shields.io/pypi/dm/aerleon)

![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/aerleon/aerleon/release.yml) ![Snyk Vulnerabilities for GitHub Repo](https://img.shields.io/snyk/vulnerabilities/github/aerleon/aerleon) [![aerleon](https://snyk.io/advisor/python/aerleon/badge.svg)](https://snyk.io/advisor/python/aerleon) [![codecov](https://codecov.io/gh/aerleon/aerleon/branch/main/graph/badge.svg?token=C13SR6GMTD)](https://codecov.io/gh/aerleon/aerleon)

# Aerleon

Generate firewall configs for multiple firewall platforms from a single platform-agnostic configuration language through a command line tool and Python API.

Aerleon is a fork of [Capirca](https://github.com/google/capirca) with the following major additions:

- YAML policy and network definition files and [pol2yaml, a converter from Capirca policy DSL to YAML](https://github.com/aerleon/pol2yaml).

- Network definitions with FQDN data.

- New firewall platforms can be added through plugins.

- Typed Python APIs for ACL generation and aclcheck queries.

- A [SLSA-compatible verifiable release process](https://aerleon.readthedocs.io/en/latest/install/#verifying-installation).

- A detailed regression test suite.

- Many bug fixes and performance enhancements.

### Prerequisites

Aerleon requires Python 3.10 or higher.

### Installation Steps

You can install Aerleon using one of the following package managers:

#### Option 1: pip (Python Package Index)

Install Aerleon using `pip`:

```bash

pip install aerleon

```

#### Option 2: Homebrew (macOS/Linux)

Install Aerleon using Homebrew:

```bash

brew install aerleon

```

### Overview

Aerleon provides a command line tool and a Python API to generate configs for multiple firewall platforms from a single platform-agnostic configuration language. Supported platforms include Cisco, Juniper, Palo Alto Networks, and [many others](https://aerleon.readthedocs.io/en/latest/#core-supported-generators).

A [getting started guide](https://aerleon.readthedocs.io/en/latest/getting_started/) is available to walk through the basics of using Aerleon.

### Documentation

Full documentation can be found at [https://aerleon.readthedocs.io/en/latest/](https://aerleon.readthedocs.io/en/latest/).

### Contributing

Contributions are welcome. Please review the [contributing guidelines](https://aerleon.readthedocs.io/en/latest/contributing/) and [code of conduct](https://github.com/aerleon/aerleon/blob/main/CODE_OF_CONDUCT.md).

### Contact

#### Official Communication Channels

- Issues: [GitHub Issues](https://github.com/aerleon/aerleon/issues).

- Discussions: [GitHub Discussions](https://github.com/aerleon/aerleon/discussions).

- Community Chat: [Slack Server](https://join.slack.com/t/aerleon/shared_invite/zt-1ngckm6oj-cK7yj63A~JgqjixEui2Vhw).

#### Maintainers

- Rob Ankeny ([ankenyr@gmail.com](mailto:ankenyr@gmail.com))

- Jason Benterou ([jason.benterou@gmail.com](mailto:jason.benterou@gmail.com))

### Version History

Refer to the [changelog](https://github.com/aerleon/aerleon/releases) for version updates.

### Resources

- [Getting Started Guide](https://aerleon.readthedocs.io/en/latest/getting_started/)

- [Blog Post: Safe ACL Change through Model-based Analysis](https://tech.ebayinc.com/engineering/safe-acl-change-through-model-based-analysis/)

- [Aerleon Slack](https://join.slack.com/t/aerleon/shared_invite/zt-1ngckm6oj-cK7yj63A~JgqjixEui2Vhw)

### Credits

Files and code included in this project from Capirca are copyright Google and

are included under the terms of the Apache License, Version 2.0. You may obtain

a copy of the License at

  

Contributors who wish to modify files bearing a copyright notice are obligated

by the terms of the Apache License, Version 2.0 to include at the top of the

file a prominent notice stating as much. Copyright notices must not be removed

from files in this repository.

This README file and other documentation files may contain phrases and sections that are copyright Google.

This file and other documentation files are modified from the original by the Aerleon Project Team.

## Contributors ✨

Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/docs/en/emoji-key)):

  

    

      
Ken Celenza
📖

      
Axel F
📖

      
Brandon Bennett
💻

      
Bastian Triller
💻

      
Arzhel Younsi
💻

      
ProtonBruno
💻

      
Lou Lecrivain
💻 📖

    

    

      
ABruihler
💻 📖

      
kyleomalley
💻 📖

      
Jakob Mellberg
💻

    

  

This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind welcome!