What's Changed

This is the first release of Aerleon, a fork of Capirca. It’s based on a commit near Capirca v2.0.6 and is compatible with Capirca.

This release coincides with the release of a new documentation website, https://aerleon.readthedocs.io/en/latest/.
Much of the documentation was edited for completeness and accuracy.

Aerleon is built and released using a SLSA Level 3 build process. Releases can be verified using the steps described in https://aerleon.readthedocs.io/en/latest/install/#verifying-installation.

New Features

• New platform generators can now be added as plugins. Users no longer need to fork the project to add support for new platforms.
• YAML is now supported for policy files, network definitions, and service definitions.
• A powerful new Generate API is added that accepts policies, network definitions, and service definitions as native Python data.
• RTSP and SIP are now supported options for port maps.
• DSMO is enabled for Cisco ASA.

Other Changes and Bug Fixes

• Performance in address book generation for SRX and Palo Alto targets is greatly improved.
• A warning is produced when a term is skipped due to ICMP AF mixing.
• Many sources of non-determinism in output files were removed. Output files can be safely diff’ed.
• Shade checking now produces warnings instead of fatal errors.
• Numeric values are now allowed for the protocol field.
• CiscoASA now uses all text in the verbatim field instead of only the first line.
• Juniper MSMPC documentation was corrected.

Internal Tooling

• The project is renamed to Aerleon.
• A detailed regression test suite was added to the project.
• Unit and regression tests run automatically on all pull requests.
• Dockerfile was removed.
• Developer tools integrated: Poetry, PyProject, nox, Codecov, SigStore.
• Consolidated all NSX-V tests.
• Remove duplicate WrapWords code.
• Remove six (Python 2 is not supported).
• Fix flaky test by pinning RNG seed.

Capirca fork point: f844501

Full Changelog: v2.0.6...1.0.1