ipv6 disabled = scanner error

[Vict0rC]

Hello, when ipv6 is disabled at host machine where docker is running, its impossible to scan any target host (even ipv4 ip) with error:

Scan process Failure Task interrupted unexpectedly

sd main:MESSAGE:2021-09-13 05h53.20 utc:12149: openvas 21.4.1 started sd main:MESSAGE:2021-09-13 05h53.27 utc:12149: Vulnerability scan 6d3d856e-73e1-4054-8d47-174d077a4e6d started: Target has 1 hosts: xxxxxxxx, with max_hosts = 20 and max_checks = 4 libgvm boreas:WARNING:2021-09-13 05h53.27 utc:12149: set_socket: failed to open ARPV6/ICMPV6 socket: Address family not supported by protocol libgvm boreas:WARNING:2021-09-13 05h53.27 utc:12149: start_alive_detection. Boreas could not initialise alive detection. Boreas was not able to open a new socket. Exit Boreas. sd main:MESSAGE:2021-09-13 05h53.28 utc:12149: Vulnerability scan 6d3d856e-73e1-4054-8d47-174d077a4e6d finished in 8 seconds: 0 alive hosts of 1

After enabling ipv6 it works. VicC

[immauss]

That is odd. Can you give me some more details? Linux Distro & Version Docker Version

[Vict0rC]

DISTRIB_DESCRIPTION="Ubuntu 20.04.3 LTS" Docker version 20.10.7, build 20.10.7-0ubuntu1~20.04.1 other problem is, that feed is not updated if i restart (or stop and start) container... (I am not using sync false param) If I run it manualy from bash from inside container, its working ok and feeds get updated.

[immauss]

do the feeds update properly when IPv6 is enabled?

I've really no idea why this would fail or be a problem specific to any one container image.

Also, with the 21.4.1 as openvas, it looks like you are using an older image as well. Can you please pull the latest and see if it exhibits the same problems?

Thanks, Scott

[Vict0rC]

I just pulled latest nad enabled ipv6 and nothing changed :-( same problem.... feeds doesnt update while container start or restart

[immauss]

I'm not able to reproduce this. Are you seeing it in more than one environment? Here's how I tried to reproduce. Let me know if I missed anything.

I started with a clean VM running fully updated Ubuntu 20.04.3 Docker version 20.10.8 ( current version)

started the container and scanned the ubuntu host on it's ipv4

Disabled ipv6 with: sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1 sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1

Scanned again after disabling ipv6 with same results.

Disabled ipv6 by editing /etc/default/grub and adding "ipv6.disable=1" and rebooting. restarted the container and ran the scan again with the same results.

[Vict0rC]

Hello, after some tests and reinstalling clean VM with latest Ubuntu pulled latest docker img and I set everything as you described in your previous post. Everything started to work like a charm... Until yesterday :-) Yesterday I updated os with some requested updates and rebooted VM, started docker. GVM is running ok, feeds are updated. But - when I start scan it interupts with error:

libgvm boreas:WARNING:2021-11-19 08h55.24 utc:29682: set_socket: failed to open ARPV6/ICMPV6 socket: Address family not supported by protocol libgvm boreas:WARNING:2021-11-19 08h55.24 utc:29682: start_alive_detection. Boreas could not initialise alive detection. Boreas was not able to open a new socket. Exit Boreas. sd main:MESSAGE:2021-11-19 08h55.25 utc:29682: Vulnerability scan 3bd3d241-181e-4eae-b6d3-24dfb5dfad12 finished in 8 seconds: 0 alive hosts of 1

Working fix is to disable alive check of host and set i to - Consider Alive Any idea? Thanx lot for you work! Victor

[jpmorris-iso]

Hi Vict0rC, I am having the same issue, did you ever manage to resolve without setting the alive check to Consider Alive?

[immauss]

Sorry ... only just saw this. Make sure you re-open.

Can you tell me how you are disabling IPv6?

[jpmorris-iso]

Hi Scott,

Thanks for coming back. Same way as above

sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1 sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1

edit /etc/default/grub and adding "ipv6.disable=1" run update-grub
reboot

Not too much of an issue as I have just enabled ipv6 again and I can now select ICMP ping for the Alive Detection

[immauss]

I'm still not able to reproduce this .... Any other ideas?