General connection problems to feed server

I am having this problem as well. I have a fresh Kali 2020.4 fully updated. The error I keep getting is below. I installed this on a VM roughly 3 months ago with no issues. It is NOT caused by NAT/firewall as I disabled both in trying to troubleshoot this. I also used a VPN in an attempt to use someone else’s IP address. I have read every forum post i can find on this and it looks like i am not the only one having this problem. It is strange though that other users at least start the connection and get refused on the second connect where i cannot even get the firs tone to work.

[>] Updating OpenVAS feeds
[*] Updating: NVT
rsync: [Receiver] failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
rsync: [Receiver] failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Network is unreachable (101)
rsync error: error in socket IO (code 10) at clientserver.c(137) [Receiver=3.2.3]

2 Likes

I am also having the same error, I installed it Yesterday and worked perfectly, but Today it is broken. I had to reinstall my system, but now I can’t install OpenVas back. It fails with the same error on “gvm-setup”.

> [*] Updating: NVT
> rsync: [Receiver] failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
> rsync: [Receiver] failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Network is unreachable (101)
> rsync error: error in socket IO (code 10) at clientserver.c(137) [Receiver=3.2.3]
> [>] Uploading plugins in Redis
> [*] Updating: GVMD Data
> rsync: [Receiver] failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
> rsync: [Receiver] failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Network is unreachable (101)
> rsync error: error in socket IO (code 10) at clientserver.c(137) [Receiver=3.2.3]
> [*] Updating: Scap Data
> rsync: [Receiver] failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
> rsync: [Receiver] failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Network is unreachable (101)
> rsync error: error in socket IO (code 10) at clientserver.c(137) [Receiver=3.2.3]
> [*] Updating: Cert Data
> rsync: [Receiver] failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
> rsync: [Receiver] failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Network is unreachable (101)
> rsync error: error in socket IO (code 10) at clientserver.c(137) [Receiver=3.2.3]
> [*] Checking Default scanner
> 08b69003-5fc2-4037-a479-93b440211c73  OpenVAS  /var/run/ospd/ospd.sock  0  OpenVAS Default

I also tried on a fresh new system, and still I can’t run gvm-setup.

Hello,

Is there any solution for this problem?
I am having the same issue.

Just found a dirty solution, connecting my kali VM using the mobile usb tethering solved the issue.

Thanks,
Miguel

If you can’t get a connection to the feed server at all this is a different issue than the one you had originally posted this so i have moved these questions into a separate topic.

You can check if you can reach the feed server manually with something like e.g. the following below. I just have checked the connectivity from three different system from different networks / provides and it seems that it is not a general connectivity problem.

$ nc -vvv feed.community.greenbone.net 873
DNS fwd/rev mismatch: feed.community.greenbone.net != dl2.greenbone.net
feed.community.greenbone.net [45.135.106.142] 873 (rsync) open
@RSYNCD: 31.0
Greenbone community feed server - http://feed.community.greenbone.net/
This service is hosted by Greenbone Networks - http://www.greenbone.net/

All transactions are logged.

If you have any questions, please use the Greenbone community portal. 
See https://community.greenbone.net for details.

By using this service you agree to our terms and conditions.

Only one sync per time, otherwise the source ip will be temporarily blocked.

You really should connect your systems to the Internet. A legacy only internet connection should not be sufficient in the future.

1 Like

Lukas. My system is connected to the Internet, I am 100% sure. I can google with no issues. Please do not tell me that the issue is on my end, I have tried everything on three different machines and always get the same error, I tried at home, from the office, and also tried from a fresh new Kali AWS instance and still the same error. Is there a solution for this error?

I get this on all three servers with the suggested command above:

$ nc -vvv feed.community.greenbone.net 873
DNS fwd/rev mismatch: feed.community.greenbone.net != dl2.greenbone.net
feed.community.greenbone.net [45.135.106.142] 873 (rsync) : Connection refused

I am sorry but you are not connected to the whole internet, the no route to host shows that you can´t connect to IPv6 part of the internet (The biggest so far). Even if you can google, it does not mean you can connect to the biggest part of the network.

If you are behind a NAT gateway, you might run into issues.

Hello Lukas. We also have several scanners installed in different office locations. All of them stopped being able to sync to the community feed server on December 4th. We are getting the same error as Javier. All of our devices are behind a NAT and only only route through IPv4. This was working flawlessly and something changed 4 days ago. It is not an issue with our systems or the NAT. We are not required to run IPv6 nor do most people on the internet since most companies run behind an IPv4 firewall. Please let us know how we can help diagnose the issue with the community feed server.

1 Like

This is the response that I get from NetCat

This is what Wireshark is giving me.

Add me to the list of people having the same problem:

root@scanner:~# nc -4vvv thefeedhost 873
nc: connect to thefeedhost port 873 (tcp) failed: Connection refused

root@scanner:~# nc -6vvv thefeedhost 873
Connection to thefeedhost 873 port [tcp/rsync] succeeded!

But nothing after that.

And running the rsync by hand:

root@scanner:~# /usr/bin/rsync -ltvvvvvvvvvvvvvrP --timeout 60 --delete --exclude private/ “rsync://thefeedhost:/nvt-feed” “/var/lib/openvas/plugins”
opening tcp connection to feedhost port 873
Connected to feedhost (2a0e:6b40:20:106:20c:29ff:fe67:cbb5)
msg checking charset: UTF-8
[Receiver] io timeout after 60 seconds – exiting
[Receiver] _exit_cleanup(code=30, file=io.c, line=204): entered
rsync error: timeout in data send/receive (code 30) at io.c(204) [Receiver=3.1.3]
[Receiver] _exit_cleanup(code=30, file=io.c, line=204): about to call exit(30)

root@scanner:~# /usr/bin/rsync -4ltvvvvvvvvvvvvvrP --timeout 160 --delete --exclude private/ “rsync://feedhost:/nvt-feed” “/var/lib/openvas/plugins”
opening tcp connection to feedhost port 873
rsync: failed to connect to feedhost (45.135.106.142): Connection refused (111)
[Receiver] _exit_cleanup(code=10, file=clientserver.c, line=127): entered
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
[Receiver] _exit_cleanup(code=10, file=clientserver.c, line=127): about to call exit(10)

And one time it almost worked:

root@scanner:~# /usr/bin/rsync -ltvvvvvvvvvvvvvrP --delete --exclude private/ “rsync://feedhost:/nvt-feed” “/var/lib/openvas/plugins”
opening tcp connection to feedhost port 873
Connected to feedhost (2a0e:6b40:20:106:20c:29ff:fe67:cbb5)
msg checking charset: UTF-8
sending daemon args: --server --sender -vvvvvvvvvvvvvltre.iLsfxC . nvt-feed/ (5 args)
Greenbone community feed server - feedhost
This service is hosted by Greenbone Networks - feedhost

All transactions are logged.

If you have any questions, please use the Greenbone community portal.
See feedhost for details.

By using this service you agree to our terms and conditions.

Only one sync per time, otherwise the source ip will be temporarily blocked.

(Client) Protocol versions: remote=31, negotiated=31
FILE_STRUCT_LEN=24, EXTRA_LEN=4
receiving incremental file list
Setting --timeout=10 to match server
[Receiver] io timeout after 10 seconds – exiting
[Receiver] _exit_cleanup(code=30, file=io.c, line=204): entered
rsync error: timeout in data send/receive (code 30) at io.c(204) [Receiver=3.1.3]
[Receiver] _exit_cleanup(code=30, file=io.c, line=204): about to call exit(30)

The rsync connected and then about 5 minutes later I got the Greenbone message. And then a minute or so later, I got the IO timeout.

And no, there’s no firewall. No NAT. No ACLs. I have full IPv6 connectivity. Anywhere where I’ve put “thefeedhost” I had to redact the feed hostname to make the forum software happy.

Same problem.

rsync: [Receiver] failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)

I get the same response from netcat as @Horfire:

root@kali:~# nc -vvv feed.community.greenbone.net 873
DNS fwd/rev mismatch: feed.community.greenbone.net != dl2.greenbone.net
feed.community.greenbone.net [45.135.106.142] 873 (rsync) : Connection refused
 sent 0, rcvd 0

I also attempted to use a VPN and got the same result regardless of the country I picked.

Tried the connection via both IPv4 and IPv6, from digital ocean (Toronto - Canada) and my home network.

Strange enough it works yesterday:

but now getting the “Connection refused” as well.

Try to turn NAT off, your device might allocate that session or your firewall might be broken.

Some one is doing a dDoS against the service, we are working on it. A SYN flood does not help at all, just locks every legitimate community user out.

2 Likes

We blocked some abusive networks not service is back with 10% rsync load …

You can check by:

nc -vvv feed.community.greenbone.net 873

Connection to feed.community.greenbone.net 873 port [tcp/rsync] succeeded!
@RSYNCD: 31.0
Greenbone community feed server - http://feed.community.greenbone.net/
This service is hosted by Greenbone Networks - http://www.greenbone.net/

[…]

3 Likes

Today, I tried again with gvm-setup on the same system and I did not make any changes. It started syncing sucessfully with no errors, but eventually failed after few minutes with the same 111 error.

oval/
oval/5.10/
oval/5.10/org.mitre.oval/
oval/5.10/org.mitre.oval/c/
oval/5.10/org.mitre.oval/c/oval.xml
        268,150 100%  437.90kB/s    0:00:00 (xfr#26, to-chk=9/44)
oval/5.10/org.mitre.oval/i/
oval/5.10/org.mitre.oval/i/oval.xml
      9,480,204 100%  390.07kB/s    0:00:23 (xfr#27, to-chk=8/44)
oval/5.10/org.mitre.oval/m/
oval/5.10/org.mitre.oval/m/oval.xml
        143,834 100%  185.31kB/s    0:00:00 (xfr#28, to-chk=7/44)
oval/5.10/org.mitre.oval/p/
oval/5.10/org.mitre.oval/p/oval.xml
     90,911,155 100%  398.88kB/s    0:03:42 (xfr#29, to-chk=6/44)
oval/5.10/org.mitre.oval/v/
oval/5.10/org.mitre.oval/v/family/
oval/5.10/org.mitre.oval/v/family/ios.xml
      2,012,118 100%  339.20kB/s    0:00:05 (xfr#30, to-chk=4/44)
oval/5.10/org.mitre.oval/v/family/macos.xml
        453,775 100%  326.32kB/s    0:00:01 (xfr#31, to-chk=3/44)
oval/5.10/org.mitre.oval/v/family/pixos.xml
         10,014 100%   33.96kB/s    0:00:00 (xfr#32, to-chk=2/44)
oval/5.10/org.mitre.oval/v/family/unix.xml
     31,372,831 100%  399.26kB/s    0:01:16 (xfr#33, to-chk=1/44)
oval/5.10/org.mitre.oval/v/family/windows.xml
     51,773,463 100%  398.49kB/s    0:02:06 (xfr#34, to-chk=0/44)

sent 2,753 bytes  received 1,036,990,140 bytes  409,635.75 bytes/sec
total size is 1,036,734,522  speedup is 1.00
[*] Updating: Cert Data
rsync: [Receiver] failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
rsync: [Receiver] failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Network is unreachable (101)
rsync error: error in socket IO (code 10) at clientserver.c(137) [Receiver=3.2.3]
[*] Checking Default scanner
08b69003-5fc2-4037-a479-93b440211c73  OpenVAS  /var/run/ospd/ospd.sock  0  OpenVAS Default

@Javier I have had some connection issues as well today but was able to download the feeds. Just took a couple attempts.

@Lukas Thank you for looking into this :slight_smile:

I was able to download the feed just fine this morning. Thank you for the update and info. I was going crazy trying to figure this out on my end.

I attempted manual updates this morning with very limited success. I chalked it up to everyone doing the same thing at the same time. I’ve got cron jobs set, so I’ll check them again in the morning.