Secure-Compliance-Solutions-LLC / GVM-Docker

Greenbone Vulnerability Management Docker Image with OpenVAS
https://securecompliance.gitbook.io/projects/
MIT License

Feeds not updating #294

Closed markdesilva closed 2 years ago

markdesilva commented 2 years ago

Describe the bug Last few days feeds are timing out and I get these messages in the logs:

Updating NVTs...
[Receiver] io timeout after 10 seconds -- exiting
....
Updating SCAP data...
....
receiving incremental file list
[Receiver] io timeout after 10 seconds -- exiting
rsync error: timeout in data send/receive (code 30) at io.c(197) [Receiver=3.2.3]
....
Updating CERT data...
....
receiving incremental file list
[Receiver] io timeout after 10 seconds -- exiting
rsync error: timeout in data send/receive (code 30) at io.c(197) [Receiver=3.2.3]

To Reproduce Steps to reproduce the behavior:

  1. Start the container
  2. docker logs -f gvm
  3. See error

Expected behavior Feeds updates should download

Host Device:

Image in use: Docker image from securecompliance

Dexus commented 2 years ago

  1. This is not a BUG.
    • It looks like your firewall or the download host is blocking your requests.
    • You should make sure not to run this update for different containers at the same time with the same IP, or you will get blocked. Please read the Feeds Policy from Greenbone.
  2. You missed the title and the requested details.

markdesilva commented 2 years ago

Sorry about the title, I have edited it.

> It looks like your firewall or the download host is blocking your requests.

No firewall in place.

> You should make sure not to run this update for different containers at the same time with the same IP, or you will get blocked. Please read the Feeds Policy from Greenbone.

For GVM, this container has its own IP and it's the only container doing the update. Everything has been working fine until yesterday. No changes have been made to the container or the host.

I can't reach feed.community.greenbone.net from anywhere. Has the feed url changed?

pixelsquared commented 2 years ago

Looks like an issue on greenbone's side. https://community.greenbone.net/t/unable-to-connect-rsync-feed-community-greenbone-net-at-io-c/10548

markdesilva commented 2 years ago

Thanks @pixelsquared! I thought it was just me, nearly deleted the whole container and wanted to try from scratch.

> Looks like an issue on greenbone's side. https://community.greenbone.net/t/unable-to-connect-rsync-feed-community-greenbone-net-at-io-c/10548

markdesilva commented 2 years ago

Greenbone says that SYN-Cookies need to be activated.

https://community.greenbone.net/t/important-ip-and-bandwith-limitations-on-community-feed/10595/22

Any idea how we do this with the docker image?

Thank you.

Dexus commented 2 years ago

> Greenbone says that SYN-Cookies need to be activated.
>
> https://community.greenbone.net/t/important-ip-and-bandwith-limitations-on-community-feed/10595/22
>
> Any idea how we do this with the docker image?
>
> Thank you.

They went from SYN to random early drops. And if you need SYN, you need to activate them in the HOST system.

Maybe this also helps you on Host and Docker:

vi /etc/sysctl.conf

and add the following line:

net.ipv4.tcp_syncookies = 1

Then run

sysctl -p

Alternative: clone the RSYNC repo once a day, and set up your system with environment for COMMUNITY_CERT_RSYNC_FEED, COMMUNITY_SCAP_RSYNC_FEED, COMMUNITY_GVMD_DATA_RSYNC_FEED to your local clone.
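
A check for the sysctl change suggested in the comment above, as an added example that is not part of the original thread or of the GVM-Docker project: it reads the last `net.ipv4.tcp_syncookies` assignment from a sysctl.conf-style file and compares it with the running kernel value. The function names and status words are illustrative assumptions; kernel values 1 and 2 both count as enabled.

```shell
#!/bin/sh
# Added example: verify that the tcp_syncookies setting is persistent AND live.

# Print the last value assigned to KEY in a sysctl.conf-style FILE.
# Skips comment lines (# or ;), tolerates spaces around '=', accepts a/b/c keys.
sysctl_conf_value() {
    key=$1 file=$2
    [ -r "$file" ] || return 1
    awk -v key="$key" '
        /^[ \t]*[#;]/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/[ \t]/, "", k); gsub(/\//, ".", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) { val = v; found = 1 }   # last assignment wins
        }
        END { if (!found) exit 1; print val }
    ' "$file"
}

# 0 = off, 1 = on when the SYN queue overflows, 2 = always on.
is_on() {
    case $1 in 1|2) return 0 ;; *) return 1 ;; esac
}

# Compare the config file with the running value. Prints one status word:
#   ok           set in the file and active in the kernel
#   pending      set in the file, not active yet ("sysctl -p" not run)
#   not-in-conf  active now, but not set in this file
#   disabled     neither
check_syncookies() {
    conf=${1:-/etc/sysctl.conf}
    proc=${2:-/proc/sys/net/ipv4/tcp_syncookies}
    want=$(sysctl_conf_value net.ipv4.tcp_syncookies "$conf") || want=
    live=$(cat "$proc" 2>/dev/null) || live=
    if is_on "$want" && is_on "$live"; then echo ok
    elif is_on "$want"; then echo pending
    elif is_on "$live"; then echo not-in-conf
    else echo disabled
    fi
}

# Report for the system this script runs on (host or container).
check_syncookies
```

Run it on the Docker host after editing /etc/sysctl.conf; `pending` means the file was changed but `sysctl -p` has not been applied yet.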