Connection refused (111) - greenbone-nvt-sync

I’m trying to install GSE 20.08 on a brand new Debian9 following this tutorial
https://sadsloth.net/post/install-gvm-20_08-src-on-debian/
When I run greenbone-nvt-sync, it goes for some minutes and suddenly it stops with the following messages:

report_formats/f981e68c-c56a-41fa-ab1f-b5fed0e4181b.asc
            228 100%    0.34kB/s    0:00:00 (xfr#63748, to-chk=2/64566)
report_formats/f9d5e19c-4f90-11e4-847d-001f29e71d12.asc
            230 100%    0.30kB/s    0:00:00 (xfr#63749, to-chk=1/64566)
report_formats/fae2d2f8-2a7a-11e2-b646-001f29eadec8.asc
            230 100%    0.30kB/s    0:00:00 (xfr#63750, to-chk=0/64566)

sent 1,217,299 bytes  received 293,167,082 bytes  409,720.78 bytes/sec
total size is 287,790,127  speedup is 0.98
rsync: failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
rsync: failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Network is unreachable (101)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]

As per report_formats it’s clear it has download everything before it fine. Then it seems to start a new RSYNC and fails.
I have a NAT and a FW. If it’s them I suppose it would fail right away. I have seen on the internet this error but no clear answer.
Any help would be welcome

I have the same issue.
Strangely enough… but the CERT-Data was successfully downloaded. For you too?

Guys we see that some users are excessive using our community feed. We will ensure this use will be slowed down for the humble normal community user.

Please try today after 12UTC where this measures are in place.

1 Like

Still receiving the same error log.

Regards.

Our server are not full, so you might run into a double IP association, please check that no double TCP sessions are established to our feed server.

1 Like

Lukas, it’s strange. Because it downloads a series of data and suddenly it fails.

It’s like the script itself it’s not waiting to connect again and them we are blocked

Greenbone community feed server - http://feed.community.greenbone.net/
This service is hosted by Greenbone Networks - http://www.greenbone.net/

All transactions are logged.

If you have any questions, please use the Greenbone community portal.
See https://community.greenbone.net for details.

By using this service you agree to our terms and conditions.

Only one sync per time, otherwise the source ip will be temporarily blocked.

receiving incremental file list

sent 1,124 bytes  received 2,612,019 bytes  149,322.46 bytes/sec
total size is 287,923,700  speedup is 110.18
rsync: failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
rsync: failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Network is unreachable (101)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]

Please check the other posts regarding this topic.

1 Like

So but can you please tell me, if the CERT data (Cert-Bund Advisories and DFN-Cert Advisories) can be downloaded the FW / network settings should be correct, or?

One TCP connection to rsync from one source IP, if you are behind GCN, NAT or a Corp. Firewall you need to ensure that this IP in not allocated … that´s it.

1 Like

This didn’t solved for me. I cunfigured my Kali with a unused public IP temporary and I still get the same error “rsync: failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)” and so on.

Could it be something else?

GVM 20.08 - Kali Linux 2020.4

The error comes from an unexpected EOF.
I have already seen this problem with several Linux packages.

I was able to fix the error by disabling hardware acceleration in my FirtzBox under Packet Acceleration.

Since then the rsync works fine.

The error is known at AVM and should be fixed in version 7.20 or 7.21.

After finishing the download, please activate it again, otherwise your internet will be slowed down.

It seems that this voodoo firewall is keeping the session alive so it´s normal that you can not establish a 2nd session.

Thank you for that great information. As we said many times disable any firewall, plastic router or other internet breaking technology.

Guys, it’s not always possible to disable firewalls, eliminate NATs and so on. A simple solution is to add a sleep 5 after each rsync command. Once it is done, it does work.

Would be possible to add it on the sync scripts and get it fix ?

One TCP connection per source IP at the same time, it´s very simple. If you have issues with your network connection there is nothing we can do due to broken NAT or Firewalls.

If you get a FIN-ACK you can build a new connection …

Just create PRs for the scripts in gvmd and openvas with meaningful comments in the code and let me know of them. Not all users can fix their devices so I am open for adding this small sleep timeout.

1 Like

There are two open PRs adding such sleep timeouts available below.

Note that adding a timeout for all users might cause longer running sync scripts even for the ones not affected by this. But 30 seconds is probably something acceptable for everyone.

It might also worth to mention that all sync scripts (greenbone-nvt-sync and the greenbone-feed-sync with all three types) shouldn’t be running at the same time (check you cronjob or similar) as sleeps won’t help for this case as well.

Replacement PRs with some improvements below. Please note that this is still valid:

1 Like

3 posts were split to a new topic: General connection problems to feed server