f5-veil 1.2.0__tar.gz

f5_veil-1.2.0/.gitignore

@@ -0,0 +1,88 @@
+# ============================================================================
+# VEIL-specific — NEVER commit obfuscation artifacts
+# ============================================================================
+*.answers.enc
+*.sanitized.conf
+*.sanitized.tcl
+*.sanitized.ucs
+*.restored.conf
+test_configs/customer/
+test_configs/real/
+test_configs/_phase_verify/
+*.ucs
+
+# ============================================================================
+# Session / handoff state — may contain personal network info, hostnames,
+# customer device names, etc. Used to prime new Claude Code sessions; not
+# part of the project history. NEVER commit.
+# ============================================================================
+BRIDGE_NEXT_SESSION.md
+V12_LEAK_FIX_PLAN.md
+CLAUDE.md
+.claude/
+
+# ============================================================================
+# Python
+# ============================================================================
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# Virtual environments
+.env
+.venv
+env/
+venv/
+ENV/
+
+# Testing
+.coverage
+.coverage.*
+.pytest_cache/
+htmlcov/
+.tox/
+.nox/
+coverage.xml
+*.cover
+.hypothesis/
+
+# Type checkers
+.mypy_cache/
+.pyre/
+.pytype/
+.ruff_cache/
+
+# ============================================================================
+# IDE / Editor
+# ============================================================================
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# ============================================================================
+# OS
+# ============================================================================
+.DS_Store
+Thumbs.db
+desktop.ini

f5_veil-1.2.0/CHANGELOG.md

@@ -0,0 +1,167 @@
+# Changelog
+
+All notable changes to **f5-veil** are documented here.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [1.2.0] — 2026-06-16
+
+### Added — input-source expansions
+
+- **Multi-file two-pass ingestion** for `bigip_base.conf` +
+  `bigip.conf` pairs. The base file's objects (VLANs, self-IPs,
+  route-domains, etc.) are registered in a shared ledger before the
+  main file's references need to resolve. New `scan_many` API; new
+  CLI `--input <path>` repeatable flag plus `--output-dir`.
+- **UCS archive ingestion** (extract-only). CLI auto-detects `.ucs`
+  input, extracts the allowlist members (`config/bigip_base.conf`,
+  `config/bigip.conf`, optional `config/bigip_user.conf`),
+  obfuscates each, writes to `--output-dir`. UCS is never modified
+  or re-packed; allowlist excludes `bigip_script.conf` (deferred —
+  iApp templates collide with the IP placeholder model; tracked for
+  v1.3 / v2.0).
+
+### Added — leak-coverage hardening (19 finding-groups + follow-ups)
+
+Driven by real-corpus manual inspection. Approximately 28 new
+`Kind` values across 12 new walkers.
+
+- **Unknown top-level body walkers** — closes the brace-skip gap on
+  blocks whose body content carries customer-identifying data:
+  - `sys snmp` — community / trap bucket headers, plaintext
+    community strings, `sys-contact`, `sys-location`
+    (`SNMP_COMMUNITY`, `SNMP_TRAP`, `SNMP_COMMUNITY_SECRET`,
+    `SYS_CONTACT`, `SYS_LOCATION`)
+  - `sys syslog` — remote-server bucket headers (`SYSLOG_SERVER`)
+  - `sys sshd` — banner text (multi-line QSTRING; `SSHD_BANNER`)
+  - `auth remote-role role-info` — bucket-path discovery
+    (`REMOTE_ROLE`)
+- **Nested-bucket walkers inside known top-level kinds** — the
+  enclosing kind's body is brace-skipped by the main loop, so
+  nested-object bareword names leak:
+  - `cert-key-chain` bucket names inside `ltm profile client-ssl`
+    bodies (`CERT_KEY_CHAIN`)
+  - `client-policy` bucket names inside APM profile bodies
+    (`CLIENT_POLICY`)
+- **Cross-cutting field walkers**:
+  - Identity / hostname — `admin-name`, `basic-auth-username`,
+    `basic-auth-realm`, `user`, `account-name`, `server-name` →
+    `USERNAME`
+  - Kerberos realm — `realm` field with uppercase value (catches
+    public-TLD realms like `BOGUS.COM` that the FQDN walker by
+    design skips) → `KRB_REALM`
+  - LDAP filter — `filter` field inside LDAP-flavoured blocks →
+    `LDAP_FILTER`
+  - LDAP base-DN bareword — extends `AD_GROUP_DN` walker to catch
+    bareword `DC=...,DC=...` values in `base-dn` /
+    `search-base-dn` fields
+  - SAML / OAuth identifiers — `entity-id`, `sso-uri`,
+    `single-logout-uri`, `single-logout-response-uri`, `audience`
+    (braced-list form), `issuer`, `key-id` as dedicated kinds so
+    non-FQDN-shaped opaque values are caught (`SAML_ENTITY_ID`,
+    `SAML_SSO_URI`, `SAML_SLO_URI`, `SAML_SLO_RESPONSE_URI`,
+    `OAUTH_AUDIENCE`, `OAUTH_ISSUER`, `OAUTH_KEY_ID`)
+  - `caption` and `service-name` folded into the `DESC` walker
+  - Monitor `recv` strings — `MONITOR_RECV`
+  - Data-group `records` bucket headers (context-gated, catches
+    public-TLD entries that the global FQDN walker skips) —
+    `DATA_GROUP_RECORD`
+  - APM `expression "return {LITERAL}"` Tcl-literal pattern in
+    `variable-assign` bodies — `APM_VAR_LITERAL`
+- **Substring-substitution variants**:
+  - F5 filestore colon-separator
+    (`:Common:<leaf>_<index>_<index>`) — covers `cache-path`
+    references that the slash-form substring sub missed
+  - FQDN-shaped leaf form for path-shape entries whose leaf is
+    public-TLD — covers `source-path /config/ssl/ssl.csr/<fqdn>.com`
+    references
+  - QSTRING-wrapped header path detection — catches bot-defense
+    signature path shapes
+  - Per-kind right-boundary protection (FQDN compound filenames)
+- **Fixes**:
+  - IP-walker version-field exclusion — `version 17.5.1.5` no
+    longer gets substituted as if it were an IPv4 address
+  - AD_GROUP_DN qualifier relaxation — drop CN= requirement so
+    OU-prefix DNs (LDAP `base` values) are redacted as a whole,
+    not just the DC suffix
+  - Orphan-check substring-shadow exemption — FQDN entries
+    intentionally shadowed by longer SAML/OAuth ledger entries
+    don't trip the cross-reference integrity assertion
+
+### Verification
+
+Real-corpus canary count for the integration pair (homelab
+AD-domain root-label, case-insensitive grep) went from **40 → 0**
+across the v1.2 cycle. Full test suite: **503 → 660+** tests
+passing, zero regressions, byte-exact round-trip preserved.
+
+### Known gaps (documented, operator review required)
+
+See [docs/architecture.md](docs/architecture.md) for the full
+list. Highlights:
+
+- iRule `varname` customer-name leaks
+- Public-TLD FQDNs outside the dedicated walker / cert-path /
+  source-path contexts
+- Free-text Tcl expression literals (`expression "[mcget {...}]"`)
+  without a recognised shape
+
+## [1.1.1] — never published to PyPI
+
+Corrective license swap — standard MIT + non-binding `DISCLAIMER.md`
+replaces the prior "MIT-Modified Named-Party Exclusion" language.
+PyPI republish was deferred; v1.1.1's content is included in v1.2.0.
+
+## [1.1.0] — pushed 2026-06-13
+
+### Added
+
+- **BAREWORD infix substring substitution** — catches identifiers
+  embedded in compound barewords. Examples:
+  - `application-uri https://10.0.0.42/path` (IP inside URL)
+  - `iRule references like /Common/web1:80` (path inside compound)
+  - IP ranges like `10.0.0.1-10.0.0.50`
+  - File-storage compound filenames `<fqdn>_<index>_<index>`
+- Word-boundary protection prevents partial matches against longer
+  numeric / identifier runs.
+
+## [1.0.0] — pushed 2026-06-13
+
+First stable release. Production-shaped against real BIG-IP
+configurations from a controlled-environment lab corpus.
+
+### Added
+
+- **CLI**: `veil obfuscate` and `veil deobfuscate` commands. Exit
+  codes 0 (success), 2 (CLI usage), 3 (input not readable),
+  4 (diagnostics non-empty without `--allow-incomplete`),
+  5 (leak detector tripped under `--strict`).
+- **Answer file**: AES-256-GCM-encrypted, scrypt KDF, atomic
+  writes.
+- **Path-shape kinds**: pool, virtual server, node, monitor, iRule,
+  partition (LTM); pool, wide-IP, server, datacenter, region (GTM);
+  VLAN, route-domain, self-IP, trunk (net); policy, profile (APM);
+  policy, rule-list, address-list, port-list (security firewall);
+  data-group, SNAT, SNAT pool, virtual-address (LTM extras);
+  profile (LTM, with factory built-in exemption); UNKNOWN
+  best-effort registration for unrecognised top-level blocks.
+- **IP literal handling**: bare IPv4 / IPv6 substituted into RFC
+  5737 / RFC 3849 docs ranges, preserving source `/24` and `/64`
+  structure first-seen-first-allocated.
+- **Free-text**: description bodies (QSTRING, bareword, braced),
+  Tcl `#` comments inside `ltm rule` bodies, LDAP / AD distinguished
+  names (`CN=...,DC=...`) inside any QSTRING, internal-FQDN
+  discovery (`*.local`, `*.corp`, `*.lan`, `*.internal`,
+  `*.intranet`, `*.home.arpa`, `*.private`).
+- **Leak detector**: post-substitution check that flags common
+  patterns (RFC1918 / CGNAT / link-local IPs, internal FQDNs, MAC
+  addresses, identifier-shaped barewords, paths with non-safe
+  partitions).
+- **Strict mode**: `--strict` aborts on any leak-detector warning.
+
+## Pre-1.0
+
+Versions 0.0.1 through 0.0.14 were development-cycle iterations.
+The detailed history is captured in the git log; consult
+`git log --oneline` for per-commit context.

f5_veil-1.2.0/DISCLAIMER.md

@@ -0,0 +1,29 @@
+# DISCLAIMER
+
+## Software License
+
+This project is released under the **MIT License**. The full text of that
+license is in [LICENSE](LICENSE) and is the only legally binding license
+governing your use, modification, and redistribution of this software.
+
+## Personal Statement of Intent
+
+The following is a personal statement from the author. It is **not** a
+software license term, **not** an additional restriction under the MIT
+License, and **not** enforceable as a condition of use. It is provided here
+only as a statement of the author's personal preferences regarding the
+audience of this work.
+
+> The author would prefer that this software not be used, redistributed, or
+> incorporated by Austin Geraci or by WorldTech IT (or by any employee,
+> agent, contractor, consultant, or affiliate acting on their behalf, or by
+> any entity they own, operate, or control).
+>
+> This preference does not modify the MIT license grant. Any party covered
+> by the MIT license remains licensed under its terms.
+>
+> Inspired by Stewart Semple's Black 3.0 paint license.
+
+If you are evaluating this project for inclusion in another work, for
+packaging, or for compliance review: treat the MIT license file as
+authoritative and ignore the statement above for legal purposes.

f5_veil-1.2.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Blake Deakins
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to
+deal in the Software without restriction, including without limitation the
+rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+sell copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+IN THE SOFTWARE.

f5_veil-1.2.0/PKG-INFO

@@ -0,0 +1,341 @@
+Metadata-Version: 2.4
+Name: f5-veil
+Version: 1.2.0
+Summary: F5 BIG-IP config obfuscator/de-obfuscator — sanitize customer configs for safe AI analysis
+Project-URL: Homepage, https://github.com/BDeakins/f5-veil
+Project-URL: Issues, https://github.com/BDeakins/f5-veil/issues
+Project-URL: Source, https://github.com/BDeakins/f5-veil
+Author: Blake Deakins
+License-Expression: MIT
+License-File: LICENSE
+Keywords: ai-safety,bigip,f5,irules,obfuscation,redaction,security,tmos
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Information Technology
+Classifier: Intended Audience :: System Administrators
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security
+Classifier: Topic :: System :: Networking
+Classifier: Topic :: System :: Systems Administration
+Requires-Python: >=3.10
+Requires-Dist: cryptography>=42.0
+Provides-Extra: dev
+Requires-Dist: mypy>=1.10; extra == 'dev'
+Requires-Dist: pytest-cov>=5.0; extra == 'dev'
+Requires-Dist: pytest>=8.0; extra == 'dev'
+Requires-Dist: ruff>=0.5; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# f5-veil
+
+F5 BIG-IP config obfuscator / de-obfuscator — sanitize customer configs
+for safe AI analysis, then restore identifiers byte-exactly after the
+AI is done.
+
+## Status
+
+**v1.2** — production-shaped against real BIG-IP configurations.
+
+Covers ~50 object kinds across LTM, GTM, net, APM, sys, security
+firewall, and SAML/OAuth/Kerberos/SNMP/syslog/SSHD bodies. Bare
+IPv4 / IPv6 literals substituted to RFC 5737 / RFC 3849 docs ranges
+with `/24` and `/64` source-subnet preservation. All three
+description body forms (QSTRING, bareword, braced) plus `caption`
+and `service-name` fields redacted. Tcl `#` comments inside `ltm
+rule` bodies redacted. Identifier substring substitution inside
+every QSTRING **and every BAREWORD** (catches monitor send/recv
+strings, APM policy expressions, bot-defense signatures, URL-shaped
+barewords, IP ranges, F5 filestore colon-separator paths
+(`:Common:<leaf>_<index>_<index>`), public-TLD FQDN leafs in
+source-paths). LDAP / AD distinguished names embedded in any
+QSTRING **and** as bareword `base-dn` / `search-base-dn` values.
+Kerberos realms (uppercase form, public-TLD support). SAML / OAuth
+identifier fields (entity-id, sso-uri, slo-uri, audience, issuer,
+key-id) as dedicated kinds — non-FQDN-shaped opaque values are
+caught. APM `expression "return {LITERAL}"` Tcl-literal patterns
+catch hard-coded session-variable values (domains, usernames,
+occasionally credentials). Multi-file two-pass ingestion
+(`bigip_base.conf` + `bigip.conf`). UCS archive ingestion
+(extract-only). AES-256-GCM-encrypted answer file with scrypt KDF.
+Round-trip is byte-exact for every shape the parser covers.
+
+Real-corpus canary count for the v1.2 integration pair went from
+40 → 0 across the v1.2 leak-coverage cycle (19 finding-groups
+discovered via manual inspection plus post-sign-off follow-ups).
+660+ tests pass with byte-exact round-trip preserved.
+
+Documented gaps (see [docs/architecture.md](docs/architecture.md)
+"Known gaps"): iRule `varname` customer leaks, public-TLD FQDNs
+outside cert/path/SAML contexts, free-text Tcl expression literals
+without recognised shape.
+
+## The Problem
+
+F5 engineers want to use AI tools (Claude, ChatGPT, Copilot, etc.) to
+analyze configurations, write iRules, and troubleshoot issues. But
+customer configurations contain identifying information — IPs,
+hostnames, pool names, virtual server names, monitor names, AD group
+DNs, partition labels — that cannot legally or contractually be sent
+to a third-party AI under most customer NDAs and employer policies.
+The penalty for leaking customer data to an AI is often immediate
+termination.
+
+## What VEIL does
+
+```
+veil obfuscate   →   sanitized.conf + answers.enc (encrypted)
+                 →   safe to paste into AI
+
+[engineer collaborates with AI on the sanitized config]
+
+veil deobfuscate →   restored.conf (real identifiers reinstated,
+                     including in any new content the AI generated)
+```
+
+Every customer-identifying value gets a typed placeholder
+(`POOL_0001`, `VS_0001`, `NODE_0001`, `IRULE_0001`, `DESC_0001`,
+`AD_GROUP_DN_0001`, `SAML_ENTITY_ID_0001`, `SNMP_COMMUNITY_SECRET_0001`,
+`SSHD_BANNER_0001`, `USERNAME_0001`, `APM_VAR_LITERAL_0001`, etc.),
+the original bytes go into an encrypted answer file, and the
+de-obfuscator restores everything byte-exactly — including any
+placeholder text the AI produced in new content it wrote.
+
+## Safety warnings
+
+> **VEIL is a safety net, not a guarantee.**
+> A parser miss = customer data leaked to an LLM = potential
+> career-ending incident. Always review the sanitized output before
+> sending it anywhere.
+
+- Read the sanitized file end-to-end before sending it to AI.
+- The leak detector flags common patterns (RFC1918 IPs, `.local` /
+  `.corp` / `.lan` / `.internal` domains, MAC addresses,
+  identifier-shaped barewords, paths with non-safe partitions). It is
+  heuristic — a clean run is strong evidence, not proof.
+- Use `--strict` mode to abort on any leak-detector warning.
+- Use `--allow-incomplete` only when you understand exactly which kinds
+  the parser doesn't yet recognise.
+- Protect the answer file as you would a UCS archive. Anyone with the
+  file and the passphrase can recover the original configuration.
+- Never commit `*.answers.enc` or `*.sanitized.conf` to a repo. The
+  shipped `.gitignore` blocks both — keep it that way.
+- VEIL does not attempt to obfuscate inside binary blobs, base64-encoded
+  archives, or compiled artifacts. Strip those before obfuscation.
+
+## Installation
+
+```bash
+pip install f5-veil
+```
+
+Or from source:
+
+```bash
+git clone https://github.com/BDeakins/f5-veil
+cd f5-veil
+pip install -e .
+```
+
+Requires Python 3.10 or newer.
+
+## Usage
+
+```bash
+# Obfuscate a single bigip.conf
+veil obfuscate --input bigip.conf \
+               --output bigip.sanitized.conf \
+               --answer-file bigip.answers.enc
+
+# De-obfuscate (AI may have introduced new content; placeholders inside
+# new content are restored too)
+veil deobfuscate --input bigip.modified.conf \
+                 --output bigip.restored.conf \
+                 --answer-file bigip.answers.enc
+
+# Dry-run obfuscation — report what would change, write nothing
+veil obfuscate --input bigip.conf --dry-run
+
+# Strict mode — abort if the leak detector finds anything suspicious
+veil obfuscate --input bigip.conf --strict ...
+
+# Allow-incomplete mode — proceed even with unhandled top-level blocks
+# (e.g. ltm dns, security dos). Use only when you've reviewed the
+# diagnostics and understand the residual leak surface.
+veil obfuscate --input bigip.conf --allow-incomplete ...
+```
+
+### Multi-file mode (`bigip_base.conf` + `bigip.conf`)
+
+```bash
+# Pass both files; base file first so its objects (VLANs, self-IPs,
+# route domains) land in the ledger before the main file's references
+# need to resolve. Output goes to a directory keyed by basename.
+veil obfuscate --input bigip_base.conf \
+               --input bigip.conf \
+               --output-dir sanitized/ \
+               --answer-file device.answers.enc
+
+veil deobfuscate --input sanitized/bigip_base.conf \
+                 --input sanitized/bigip.conf \
+                 --output-dir restored/ \
+                 --answer-file device.answers.enc
+```
+
+`--input` order on the deobfuscate side must match the order recorded
+in the answer file at obfuscation time. Reordering is a hard error,
+not a silent miscorrelation.
+
+### UCS archive mode (`device.ucs`)
+
+```bash
+# Hand VEIL the UCS directly. It extracts the allowlisted config-file
+# members (config/bigip_base.conf, config/bigip.conf, and the
+# optional config/bigip_user.conf), obfuscates each, and writes them
+# as separate text files into --output-dir. Everything else in the
+# UCS (bigip_script.conf, certs, keys, licenses, binaries, state
+# files, .diffVersions snapshots) is ignored — never read, never
+# written.
+veil obfuscate --input device.ucs \
+               --output-dir sanitized/ \
+               --answer-file device.answers.enc
+
+# Deobfuscate the sanitized text files via the standard multi-file
+# flow. VEIL does NOT recreate the UCS — if you need a closed-loop
+# UCS for restore, re-pack the restored files into the original
+# archive yourself (e.g. with tar).
+veil deobfuscate --input sanitized/bigip_base.conf \
+                 --input sanitized/bigip.conf \
+                 --input sanitized/bigip_user.conf \
+                 --output-dir restored/ \
+                 --answer-file device.answers.enc
+```
+
+**Note on `bigip_script.conf`:** the file containing iRules and
+iApp templates is intentionally NOT in the v1.2 UCS allowlist —
+its iApp template bodies contain literal RFC 5737 docs-range IPs
+in user-facing help text that collide with VEIL's IP placeholder
+model. See `docs/architecture.md` ("UCS archive ingestion") for the
+threat model, allowlist rationale, and the architectural fix
+planned for v1.3 / v2.0. If you need iRule / iApp coverage today,
+hand `bigip_script.conf` to the LLM as a separate plain-text file.
+
+Exit codes: 0 success, 2 CLI usage error, 3 input not readable, 4
+diagnostics non-empty without `--allow-incomplete`, 5 leak detector
+tripped under `--strict`.
+
+## Identifier scope
+
+**Obfuscated by VEIL (v1.2):**
+
+- **LTM:** pool, virtual server, node, monitor, iRule, partition,
+  profile (custom — built-ins like `/Common/http` pass through as
+  universal BIG-IP signal), data-group name, data-group **records**
+  (operator-chosen lookup keys, even public-TLD ones), SNAT, SNAT
+  pool, virtual-address
+- **GTM:** pool, wide-IP, server, datacenter, region
+- **Net:** VLAN, route-domain, self-IP, trunk
+- **APM:** policy, profile, `cert-key-chain` and `client-policy`
+  nested bucket names, `expression "return {LITERAL}"` Tcl literals
+  in `variable-assign` blocks
+- **SAML / OAuth:** entity-id, sso-uri, single-logout-uri,
+  single-logout-response-uri, audience, issuer, key-id — dedicated
+  kinds so non-FQDN-shaped opaque values are caught (the FQDN
+  walker alone wouldn't catch URN entity-IDs or public-TLD URLs)
+- **Identity / field walkers:** `admin-name`, `basic-auth-username`,
+  `basic-auth-realm`, `user`, `account-name`, `server-name` →
+  `USERNAME`; LDAP `filter` field; LDAP `base-dn` / `search-base-dn`
+  bareword DC=...,DC=... shapes
+- **Sys family:** `sys snmp` body (community / trap bucket headers,
+  plaintext community strings, `sys-contact`, `sys-location`);
+  `sys syslog` remote-server bucket headers; `sys sshd` banner
+  text (multi-line QSTRING covered); `auth remote-role role-info`
+  bucket headers
+- **Kerberos:** uppercase realm values (`ACME.CORP`, public TLDs
+  included — the FQDN walker by design only catches internal-suffix
+  realms)
+- **Security firewall:** policy, rule-list, address-list, port-list
+- **Network literals:** bare IPv4 / IPv6 (substituted into RFC 5737 /
+  RFC 3849 docs ranges, preserving source `/24` and `/64` structure
+  first-seen-first-allocated); IP-walker skips version-field values
+  (`version 17.5.1.5` no longer gets substituted as an IP)
+- **Free-text:**
+  - `description` / `caption` / `service-name` bodies — QSTRING,
+    bareword, and braced forms all redacted to `DESC_NNNN`
+  - Tcl `#` comments inside `ltm rule` bodies — redacted to
+    `IRULE_COMMENT_NNNN`
+  - LDAP / AD distinguished names (`CN=...,DC=...` AND
+    `OU=...,DC=...`) anywhere inside any QSTRING — redacted to
+    `AD_GROUP_DN_NNNN`
+  - Internal-FQDN discovery (`*.local`, `*.corp`, `*.lan`,
+    `*.internal`, `*.intranet`, `*.home.arpa`, `*.private`) inside
+    any WORD or QSTRING — redacted to `FQDN_NNNN`
+  - Monitor `recv` strings (HTML titles, product names) — redacted
+    to `MONITOR_RECV_NNNN`
+  - F5 filestore colon-separator paths
+    (`:Common:<leaf>_<index>_<index>`) — caught via substring sub
+    variant on path-shape entries
+  - Any other ledger identifier appearing as a substring inside any
+    QSTRING / BAREWORD (monitor send-strings, APM policy
+    expressions, bot-defense signatures, URL-shaped barewords like
+    `https://10.0.0.42/path`, IP ranges like `10.0.0.1-10.0.0.50`)
+    — substring-substituted in place with word-boundary protection
+  - Multi-file mode: `bigip_base.conf` + `bigip.conf` ingest as a
+    shared ledger so base-file objects substitute correctly when
+    referenced from the main file
+  - UCS archive mode: extract-only, allowlists `config/bigip_base.conf`,
+    `config/bigip.conf`, `config/bigip_user.conf`
+
+**Documented gaps (operator review required):**
+
+- iRule `varname` customer-name leaks — renaming would break
+  positional Tcl refs, so VEIL does not auto-redact
+- Public-TLD FQDNs outside the dedicated walker / cert-path /
+  source-path contexts — the global FQDN walker only catches
+  internal-suffix TLDs to avoid false positives on legitimate
+  public DNS references
+- Free-text Tcl expression literals (`expression "[mcget {...}]"`)
+  without a recognised shape
+- Persistent cross-run identifier map (deferred to v2.0)
+- Folder-as-own-kind (`/Common/folder/sub/leaf` currently collapses
+  folder into the leaf placeholder) — v1.3+
+
+## Roadmap
+
+- **v1.0** — `bigip.conf` only. Shipped.
+- **v1.1** — BAREWORD infix substring substitution (catches URLs,
+  IP ranges, compound barewords). Shipped.
+- **v1.2** — `bigip_base.conf` multi-file two-pass discovery, UCS
+  archive ingestion (extract-only), `auth remote-role role-info`
+  bucket-path discovery, plus a 19-finding-group leak-coverage
+  hardening cycle driven by real-corpus manual inspection:
+  sys snmp / sys syslog / sys sshd body walkers, cert-key-chain and
+  client-policy nested bucket walkers, identity / Kerberos realm /
+  LDAP filter / SAML+OAuth / data-group-record / monitor recv /
+  APM expression literal field walkers, filestore colon-separator
+  substring sub, FQDN-shaped leaf substring sub. Real-corpus canary
+  count for the integration pair: 40 → 0. Shipped.
+- **v1.3** — Personal-use Docker image + thin FastAPI wrapper around
+  the CLI (paste config in browser, get sanitized output and encrypted
+  answer file out). RAM-only processing, no auth, **not for internet
+  exposure**. CLI remains the canonical distribution. See the threat
+  model in [docs/architecture.md](docs/architecture.md).
+- **v2.0** — Persistent cross-run identifier map (same source
+  identifier → same placeholder across runs, for ongoing engagements).
+- **v2.1 / v3.0** — Hardened multi-user web service (auth, HTTPS,
+  audit logging, hard ephemerality guarantees, rate limiting). Shares
+  design surface with the v2.0 persistent map (auth + secret storage).
+
+## License
+
+MIT — see [LICENSE](LICENSE).
+
+A personal statement of intent regarding the audience of this work is in
+[DISCLAIMER.md](DISCLAIMER.md). It is not a license term.
+
+## Security
+
+See [SECURITY.md](SECURITY.md) for vulnerability reporting policy.