Failed greenbone-certdata-sync (Connection timed out (110))

Hello, I am updating the feeds from the console with the following commands, but I am getting an error when running certdata-sync:

sudo greenbone-nvt-sync Ok
sudo greenbone-scapdata-sync Ok
sudo greenbone-certdata-sync Failed
openvasmd --rebuild wait for execution

We already validated the firewalld rules, and we do not have a proxy. Any suggestions?


[root@pc~]# greenbone-certdata-sync
rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection timed out (110)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101)
rsync error: error in socket IO (code 10) at clientserver.c(125) [Receiver=3.1.2]


Is this a continuous problem or just a single occasion? As the NVT and SCAP syncs work, your network and fw should be fine. The feed is down or you are blocked by their fw. I have also noticed some random outages during the day. I recall someone mentioned that during the recreation of feeds, they are down. I'd say the best solution is just to try again after some period.

2 Likes

Use IPv6; that process is not as busy as the IPv4 one. We have a global limit and an IP limit; if you are not syncing simultaneously, only the IP limit for the GCF might kick in. Just try it some time later.

Please ensure that your firewall is not flow-based or doing session caching. That would result in the same behavior.

2 Likes

thanks

After having read this and the other linked threads, I still have this problem:
root@kali:~# openvas-feed-update
[>] Updating OpenVAS feeds
[*] [1/3] Updating: NVT
rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection refused (111)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
[*] [2/3] Updating: Scap Data
rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection refused (111)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
[*] [3/3] Updating: Cert Data
rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection refused (111)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]

Originally the update worked fine. Then my machine crashed during an openvas-feed-update session. After rebooting, the openvas-feed-update stopped working with the above error. I tried for several days now.
The manual execution of the following command works fine, but does not perform a complete update:
greenbone-nvt-sync --curl --verbose

I have a fixed IP address and may have been locked out.
Any help to fix this is appreciated!

Hi Dirk, we DO_NOT_BLOCK any IP addresses, we just limit them to one simultaneous RSYNC TCP session. So maybe your firewall, router, or NAT gateway might be the issue.

I suggest you look first within your infrastructure.

Anyway, your Internet connection seems to be broken as well: if you got "Network is unreachable", you might investigate your connectivity issues as well.

1 Like

Hi Lukas,
thanks for your quick reply!
But my network is fine, since I can reach other targets and also ping feed.openvas.org.
I also did not change anything in my network or firewall settings since last week, when openvas-feed-update worked fine.
Any other ideas?

Can you connect to the RSYNC port via netcat?

No:
root@kali:~# nc 89.146.224.58 873
(UNKNOWN) [89.146.224.58] 873 (rsync) : Connection refused

1 Like

Must be your infrastructure, I just checked from home:

nc feed.community.greenbone.net 873
nc: using stream socket
@RSYNCD: 31.0
Greenbone community feed server - http://feed.community.greenbone.net/
This service is hosted by Greenbone Networks - http://www.greenbone.net/

All transactions are logged.

If you have any questions, please use the Greenbone community portal.
See https://community.greenbone.net for details.

By using this service you agree to our terms and conditions.

Only one sync per time, otherwise the source ip will be temporarely blocked.

Thanks Lukas!
But when I look at the traffic using Wireshark, I see that your server sends me a [RST,ACK] answer to my SYN request:


I checked all my network settings and cannot see any reason for this problem.
As I said, everything worked fine a week ago.

No server in the world can communicate with 192.168.1.49 directly :wink: So it's a NAT issue!
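
The checks made in this thread (rsync's connect errors on IPv4 and IPv6, then a netcat to port 873 to look for the @RSYNCD greeting) can be run in one pass. This is an added example, not code from any poster or from Greenbone; the names probe, read_banner and DIAGNOSIS and the wording of the diagnoses are this example's own.

```python
import errno
import socket

# What each connect() result from the thread's rsync output says about the path.
# The numbers in the thread (101, 110, 111) are the Linux errno values.
DIAGNOSIS = {
    0: "connected: TCP handshake completed",
    errno.ETIMEDOUT: "timed out: SYN got no answer (dropped on the path or by a limit)",
    errno.ECONNREFUSED: "refused: an RST came back, from the server or a device in between",
    errno.ENETUNREACH: "network unreachable: no local route for this address family",
}


def read_banner(sock):
    """Return the daemon greeting (e.g. '@RSYNCD: 31.0'), or None if none arrives."""
    try:
        data = sock.recv(64)
    except OSError:  # includes a read timeout
        return None
    line = data.split(b"\n", 1)[0].decode("ascii", "replace").strip()
    return line if line.startswith("@RSYNCD:") else None


def probe(host, port=873, timeout=5.0):
    """Connect to every IPv4/IPv6 address of host:port and report each outcome."""
    results = []
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    for family, socktype, proto, _canon, addr in infos:
        banner = None
        with socket.socket(family, socktype, proto) as sock:
            sock.settimeout(timeout)
            try:
                sock.connect(addr)
                code = 0
                banner = read_banner(sock)
            except socket.timeout:  # no answer within our own timeout
                code = errno.ETIMEDOUT
            except OSError as exc:  # refused, unreachable, ...
                code = exc.errno
        results.append({
            "address": addr[0],
            "errno": code,
            "meaning": DIAGNOSIS.get(code, "other error: " + str(code)),
            "banner": banner,
        })
    return results
```

Running probe("feed.community.greenbone.net") from the affected host and again from a second network gives one result per address family, which separates a local firewall or NAT problem from a server-side one.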