Problem with start Burp-ui on burp 2
Hello I can't view client and configure clients from burp-ui . Here is log from burp-ui -vvv
[2017-10-29 10:23:42,914] INFO in burp1.status: query: ''
[2017-10-29 10:23:42,914] ERROR in app.log_exception: Exception on /api/clients/backup-running [GET]
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/flask/app.py", line 1612, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/lib/python2.7/site-packages/flask/app.py", line 1598, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/usr/lib/python2.7/site-packages/burpui/api/__init__.py", line 69, in decorated_view
return func(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/flask_restplus/api.py", line 313, in wrapper
resp = resource(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/flask/views.py", line 84, in view
return self.dispatch_request(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/flask_restplus/resource.py", line 44, in dispatch_request
resp = meth(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/flask_cache/__init__.py", line 297, in decorated_function
rv = f(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/burpui/api/custom/namespace.py", line 31, in wrapper
resp = f(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/burpui/api/clients.py", line 146, in get
bui.client.is_one_backup_running(server),
File "/usr/lib/python2.7/site-packages/burpui/misc/backend/burp1.py", line 768, in is_one_backup_running
cls = self.get_all_clients()
File "/usr/lib/python2.7/site-packages/burpui/misc/backend/burp1.py", line 781, in get_all_clients
filemap = self.status()
File "/usr/lib/python2.7/site-packages/burpui/misc/backend/burp1.py", line 363, in status
sock = socket.socket(self.family, socket.SOCK_STREAM)
AttributeError: 'Burp' object has no attribute 'family'
127.0.0.1 - - [29/Oct/2017 10:23:42] "GET /api/clients/backup-running HTTP/1.0" 500 -
Here are my configs
[root@backup1 burp]# cat burp-server.conf
# This is an example config file for the burp server.
mode = server
# The default addresses to listen on depend upon compile time options.
# They may be overridden here.
address = 0.0.0.0
port = 4971
# Think carefully before changing the status port address, as it can be used
# to view the contents of backups.
status_address = 127.0.0.1
# If you do not wish to run a status server at all, comment status_port out.
status_port = 4972
directory = /var/spool/burp/data
dedup_group = global
clientconfdir = /etc/burp/clientconfdir
# Choose the protocol to use.
# 0 to decide automatically, 1 to force protocol1 mode (file level granularity
# with a pseudo mirrored storage on the server and optional rsync). 2 forces
# protocol2 mode (inline deduplication with variable length blocks).
# Like many other settings, this can be set per client in the clientconfdir
# files.
protocol = 2
pidfile = /var/run/burp.server.pid
hardlinked_archive = 0
librsync=1
working_dir_recovery_method = delete
max_children = 4
max_status_children = 10000
umask = 0022
syslog = 0
stdout = 1
# The following options can restrict what the client can do.
# Restore clients can override all of these expect for force_backup.
client_can_delete = 1
# Set client_can_force_backup to 0 to only allow timed backups.
client_can_force_backup = 1
client_can_list = 1
# Set client_can_restore to 0 if you want restores to only be initialised by
# the server.
client_can_restore = 1
client_can_verify = 1
# Ratelimit throttles the send speed. Specified in Megabits per second (Mb/s).
# ratelimit = 1.5
# Network timeout defaults to 7200 seconds (2 hours).
# network_timeout = 7200
# Server storage compression. Default is zlib9. Set to zlib0 to turn it off.
compression = zlib5
# When the client version does not match the server version, log a warning.
# Set to 0 to turn it off.
version_warn = 1
# More configuration files can be read, using syntax like the following
# (without the leading '# ').
# . path/to/more/conf
# Location of autoupgrade files to serve to clients. Leave it commented out
# to not autoupgrade clients.
autoupgrade_dir = /etc/burp/autoupgrade/server
# You can have as many 'keep' lines as you like.
# For example, if running backups daily, setting 7, 4, 6 will keep
# 7 daily backups, 4 weekly, and 6 four-weekly backups.
keep = 14
# keep = 4
# keep = 6
# Commented due to issue https://github.com/grke/burp/issues/475?_pjax=%23js-repo-pjax-container
# Run as different user/group.
# user = root
# group = root
# CA options.
# If you want your server to be a certificate authority and generate its own
# certificates, uncomment the following lines. If the directory specified in
# ca_conf does not exist, the server will create, populate it, and the paths
# indicated by ssl_cert_ca, ssl_cert, ssl_key and ssl_dhfile below will be
# overwritten. See docs/burp_ca.txt for more information.
ca_conf = /etc/burp/CA.cnf
ca_name = burpCA
ca_server_name = backup1
ca_burp_ca = /usr/sbin/burp_ca
# Check for revoked certificates in the certificate revocation list.
# Turn this off if you use the old ssl_extra_checks_script server script.
ca_crl_check = 1
# SSL certificate authority - same file on both server and client
ssl_cert_ca = /etc/burp/ssl_cert_ca-server.pem
# Server SSL certificate
ssl_cert = /etc/burp/ssl_cert-server.pem
# Server SSL key
ssl_key = /etc/burp/ssl_cert-server.key
# Server SSL ciphers
#ssl_ciphers =
# Server SSL compression. Default is zlib5. Set to zlib0 to turn it off.
#ssl_compression = zlib5
# SSL key password, for loading a certificate with encryption.
ssl_key_password = password
# Server DH file.
ssl_dhfile = /etc/burp/dhfile.pem
timer_script = /usr/share/burp/scripts/timer_script
# Ensure that 20 hours elapse between backups
# Available units:
# s (seconds), m (minutes), h (hours), d (days), w (weeks), n (months)
#timer_arg = 20h
# Allow backups to start in the evenings and nights during weekdays
#timer_arg = Mon,Tue,Wed,Thu,Fri,00,01,02,03,04,05,19,20,21,22,23
# Allow more hours at the weekend.
#timer_arg = Sat,Sun,00,01,02,03,04,05,06,07,08,17,18,19,20,21,22,23
# Note that, if you specify no timebands, the default timer script will never
# allow backups.
timer_arg = 20h
timer_arg = Mon,Tue,Wed,Thu,Fri,00,01,02,03,04,05,19,20,21,22,23
timer_arg = Sat,Sun,00,01,02,03,04,05,06,07,08,17,18,19,20,21,22,23
# Uncomment the notify_success_* lines for email notifications of backups that
# succeeded.
# In the subject line, the following are substituted:
# %b - "backup"/"restore"/"verify"
# %c - client name
# %w - number of warnings, if any
#notify_success_script = /usr/share/burp/scripts/notify_script
#notify_success_arg = sendmail -t
#notify_success_arg = To: youremail@example.com
#notify_success_arg = From: burp
#notify_success_arg = Subject: %b succeeded: %c %w
# Uncomment the following to have success notifications only if there were
# warnings.
#notify_success_warnings_only = 1
# Uncomment the following to have success notifications only if there were
# new or changed files.
#notify_success_changes_only = 1
# Uncomment the following for email notifications of backups that failed.
#notify_failure_script = /usr/share/burp/scripts/notify_script
#notify_failure_arg = sendmail -t
#notify_failure_arg = To: youremail@example.com
#notify_failure_arg = From: burp
#notify_failure_arg = Subject: %b failed: %c %w
notify_failure_script = /usr/share/burp/scripts/notify_script
notify_failure_arg = sendmail -t
notify_failure_arg = To: admin@kisiek.net
notify_failure_arg = From: burp@kisiek.net
notify_failure_arg = Subject: %b failed: %c %w
# The server can run scripts on each connection after authentication and before
# disconnecting.
#server_script_pre = /usr/share/burp/scripts/ssl_extra_checks_script
#server_script_pre_arg = /etc/burp/crl
#server_script_pre_arg = /etc/burp/burp-server.conf
#server_script_pre_arg = /usr/share/burp/scripts/server-pre-script.local
# Set server_script_pre_notify to 1 to have notifications on server_script_pre
# returning non-zero. Most people will want to leave this off - it could
# result in a lot of emails because clients normally connect once every 20
# minutes. Requires notify_failure_script to be set above.
#server_script_pre_notify = 0
#server_script_post =
#server_script_post_arg =
#server_script_post_arg =
#server_script_post_run_on_fail=0
# As for server_script_pre_notify, but for post.
#server_script_post_notify = 0
# Clients that are able to list and restore files belonging to any other
# client. If this is too permissive, you may set a restore_client for
# individual original clients in the individual clientconfdir files.
# restore_client = someclient
# restore_client = someotherclient
# Whether or not the server process should cache the tree when a monitor client
# is browsing a backup. Advantage: speed. Disadvantage: more memory is used.
monitor_browse_cache = 1
restore_client = monitor
burp-ui config
[root@backup1 burp]# cat burpui.cfg
# Burp-UI configuration file
# @version@ - 0.3.0
# @release@ - stable
[Global]
# On which port is the application listening
port = 5000
# On which address is the application listening
# '::' is the default for all IPv6
# set it to '0.0.0.0' if you want to listen on all IPv4 addresses
bind = 127.0.0.1
# enable SSL
ssl = false
# ssl cert
sslcert = /etc/burp/ssl_cert-server.pem
# ssl key
sslkey = /etc/burp/ssl_cert-server.key
# burp server version 1 or 2
version = 2
# Handle multiple bui-servers or not
# If set to 'false', you will need to declare at least one 'Agent' section (see
# bellow)
standalone = true
# authentication plugin (mandatory)
# list the misc/auth directory to see the available backends
# to disable authentication you can set "auth = none"
# you can also chain multiple backends. Example: "auth = ldap,basic"
# the order will be respected unless you manually set a higher backend priority
auth = basic
# acl plugin
# list misc/acl directory to see the available backends
# default is no ACL
acl = basic
# You can change the prefix if you are behind a reverse-proxy under a custom
# root path. For example: /burpui
# You can also configure your reverse-proxy to announce the prefix through the
# 'X-Script-Name' header. In this case, the bellow prefix will be ignored in
# favour of the one announced by your reverse-proxy
prefix = none
[UI]
# refresh interval of the pages in seconds
refresh = 180
# refresh interval of the live-monitoring page in seconds
liverefresh = 60
[Production]
# storage backend for session and cache
# may be either 'default' or 'redis'
storage = redis
# session database to use
# may also be a backend url like: redis://localhost:6379/0
# if set to 'redis', the backend url defaults to:
# redis://<redis_host>:<redis_port>/0
# where <redis_host> is the host part, and <redis_port> is the port part of
# the below "redis" setting
session = redis://localhost:6379/0
# cache database to use
# may also be a backend url like: redis://localhost:6379/0
# if set to 'redis', the backend url defaults to:
# redis://<redis_host>:<redis_port>/1
# where <redis_host> is the host part, and <redis_port> is the port part of
# the below "redis" setting
cache = redis
# redis server to connect to
redis = localhost:6379
# whether to use celery or not
# may also be a broker url like: redis://localhost:6379/0
# if set to "true", the broker url defaults to:
# redis://<redis_host>:<redis_port>/2
# where <redis_host> is the host part, and <redis_port> is the port part of
# the above "redis" setting
celery = true
# database url to store some persistent data
# none or a connect string supported by SQLAlchemy:
# http://docs.sqlalchemy.org/en/latest/core/engines.html#database-urls
# example: sqlite:////var/lib/burpui/store.db
database = sqlite:////var/spool/burpui/celery.db
[Security]
## This section contains some security options. Make sure you understand the
## security implications before changing these.
# list of 'root' paths allowed when sourcing files in the configuration.
# Set this to 'none' if you don't want any restrictions, keeping in mind this
# can lead to accessing sensible files. Defaults to '/etc/burp'.
# Note: you can have several paths separated by comas.
# Example: /etc/burp,/etc/burp.d
includes = /etc/burp
# if files already included in config do not respect the above restriction, we
# prune them
enforce = false
# enable certificates revocation
revoke = true
# remember_cookie duration in days
cookietime = 14
# whether to use a secure cookie for https or not. If set to false, cookies
# won't have the 'secure' flag.
# This setting is only useful when HTTPS is detected
scookie = true
# application secret to secure cookies. If you don't set anything, the default
# value is 'random' which will generate a new secret after every restart of your
# application. You can also set it to 'none' although this is not recommended.
# /!\ YOU CANNOT USE THE MAGIC 'random' VALUE WHEN USING GUNICORN /!\
appsecret = random
[Experimental]
## This section contains some experimental features that have not been deeply
## tested yet
# enable zip64 feature. Python doc says:
# « ZIP64 extensions are disabled by default because the default zip and unzip
# commands on Unix (the InfoZIP utilities) don’t support these extensions. »
zip64 = false
# disable server initiated restoration if `bconfcli` file contains
# `server_can_restore = 0`
noserverrestore = false
## burp2 backend specific options
[Burp2]
## burp binary
burpbin = /usr/sbin/burp
## vss_strip binary
stripbin = /usr/bin/vss_strip
## burp client configuration file used for the restoration (Default: None)
bconfcli = /etc/burp/burp.conf
## burp server configuration file used for the setting page
bconfsrv = /etc/burp/burp-server.conf
## temporary directory to use for restoration
tmpdir = /tmp
## how many time to wait for the monitor to answer (in seconds)
timeout = 60
And the question is where i make mistake ? I want to use protocol 2 of burp on all new servers