In [None]:
# asa_audit.ipynb
import re
from pathlib import Path

# === Config ===
CONFIG_FILE = "sample_config.txt"

# === Sample Rules ===
RULES = [
    {
        "name": "Permit Any-Any ACL",
        "pattern": r"access-list .* permit ip any4 any4",
        "severity": "High",
        "message": "Unrestricted IP access found. Replace 'any4 any4' with specific subnets."
    },
    # Add other rules here...
]

def load_config(path):
    return Path(path).read_text()

def audit_config(config_text):
    findings = []
    for rule in RULES:
        matches = re.findall(rule["pattern"], config_text)
        if matches:
            findings.append({
                "rule": rule["name"],
                "severity": rule["severity"],
                "message": rule["message"],
                "matches": matches
            })
    return findings

def print_report(findings):
    if not findings:
        print("✅ No critical issues found.")
        return
    print("\n🔍 Security Audit Report:\n")
    for finding in findings:
        print(f"🚨 {finding['rule']} ({finding['severity']})")
        print(f"    {finding['message']}")
        for m in finding['matches']:
            print(f"    ↳ {m}")
        print()

# Run it
config = load_config(CONFIG_FILE)
results = audit_config(config)
print_report(results)
