fwrule-analyzer
Installation
SKILL.md
Firewall Rule Analyzer
MCP Server
- Repository: AutomateIP/fwrule-mcp
- Transport: stdio (Python via
uv run fwrule-mcp) - Install:
git clone+uv sync(orpip install -e .) - Requires: No environment variables — standalone analysis engine
- Dependencies:
fastmcp>=2.0,pydantic>=2.0, Python 3.11+
Available Tools (3)
| Tool | What It Does |
|---|---|
analyze_firewall_rule_overlap |
Compare a candidate rule against an existing ruleset using 6-dimensional set intersection (zones, addresses, ports, protocols, actions, applications). Detects overlaps, shadowing, conflicts, and duplicates. Supports two input modes: vendor-native config via built-in parsers, or pre-normalized JSON. |
parse_policy |
Convert vendor-native firewall configurations into a standardized JSON schema. Enables inspection of parser output — rule counts, object resolution, address expansion — before running overlap analysis. |
list_supported_vendors |
Enumerate all supported firewall vendors, their aliases, configuration formats, and explain how to use normalized JSON input to bypass vendor-specific parsers. |