cif-smrt error

Question

cif-smrt error

DangerView opened this issue 8 years ago · comments

I don't know why cif-smrt can't work

enter the command cif-smrt

EV: error in callback (ignoring): YAML::Tiny found bad indenting in line ' regist
EV: error in callback (ignoring): YAML::Tiny found bad indenting in line ' registrars: ' at /opt/cif/bin/../lib/per

thanks for your support.

wes · Answer 1 · Thu Oct 13 2016 20:10:23 GMT+0800 (China Standard Time)

what does your /etc/cif/rules/default/malwaredomains.yml file look like?

wes · Answer 2 · Thu Oct 13 2016 20:25:19 GMT+0800 (China Standard Time)

also; if you have a longer debug output, that'd help too (run cif-smrt with the -d option).

DangerView · Answer 3 · Fri Oct 14 2016 09:02:32 GMT+0800 (China Standard Time)

root@racknum113:/home/racknum113# /opt/cif/bin/cif-smrt -r /etc/cif/rules/default -d --randomstart 0
[2016-10-14T09:31:17,952Z][5035][INFO][main:235]: staring up...
[2016-10-14T09:31:17,954Z][5035][DEBUG][main:266]: random start set to: 0
[2016-10-14T09:31:17,954Z][5035][INFO][main:268]: delaying start for: 0min then running every 60min there after...
[2016-10-14T09:31:17,954Z][5035][INFO][main:269]: to run immediately, set: --randomstart 0 or --testmode
[2016-10-14T09:31:17,954Z][5035][INFO][main:270]: to see the list of options, use -h
[2016-10-14T09:31:17,958Z][5035][DEBUG][main:292]: running pid: 5036
[2016-10-14T09:31:17,958Z][5036][DEBUG][main:381]: cleaning up tmp: /var/smrt/cache
EV: error in callback (ignoring): YAML::Tiny found bad indenting in line ' registrars: ' at /opt/cif/bin/../lib/perl5/CIF.pm line 90.

It's over.

I can't find special things in /etc/cif/rules/default/malwaredomains.yml.

wes · Answer 4 · Thu Oct 20 2016 20:14:42 GMT+0800 (China Standard Time)

make sure you sudo su - cif first, and within that dir you should see a malwaredomains.yml

cif@vagrant-ubuntu-trusty-64:/etc/cif/rules/default$ ls -all | grep malwaredomains
-rw-rw---- 1 cif cif  830 Oct 13 12:22 malwaredomains.yml

it sounds like something in that file may be messed up, try moving the file to ~/ and re-running to see if things run smoothly...

DangerView · Answer 5 · Fri Oct 21 2016 10:53:53 GMT+0800 (China Standard Time)

I have no idea it's different file malwaredomains.yml

-rw-rw---- 1 cif cif 858 Sep 26 09:20 malwaredomains.yml

so file move directory /home/

mv malwaredomains.yml /home/

/opt/cif/bin/cif-smrt -r /etc/cif/rules/default/ -D --randomstart 0 -d

after cif status normal. it is working.

thanks your support!

wes · Answer 6 · Fri Oct 21 2016 20:20:03 GMT+0800 (China Standard Time)

if you want to re-try it, grab a copy of this file:

https://raw.githubusercontent.com/csirtgadgets/massive-octo-spice/master/src/rules/default/malwaredomains.yml

and see if there are any differences...