Failed to find interface

I’m running a version of openvas (https://github.com/immauss/openvas) in an AWS Fargate container.
One of the routes in the route file in /proc/net/route contains a * as an interface, which causes openvas to hang for hours.
It prints “Failed to find interface * mentioned in /proc/net/route” x amount of times, which is printed by the following code block:
https://github.com/greenbone/openvas-scanner/blob/main/misc/pcap.c#L703-L707.

I’m not able to delete the route in the file due to permissions.
Is there a way to not use the given route which contains * as interface?

@immauss could you take a look at this topic?

Thanks for the notification @bricks

I suspect this is something with how AWS is setting up the container as I don’t see that anywhere else and I’ve checked on a couple of different platforms including Docker Desktop on Mac, Docker on a Linux system and podman on a RHEL system.
It could even be something in how you set up the container within AWS. Unfortunately, I’m not an AWS guy, so I wouldn’t know where to look. I’d start by asking around the AWS community to see if there is a way to prevent it. Hopefully it’s not something their infrastructure requires.

I was going to ask about setting the interface in the scanning config, but I don’t see that as an option anymore.

And please let us know if you find anything.

Sorry I couldn’t help more.

-Scott

Thanks for the quick response.

Just to confirm, if the route contains a * as interface, can this be the reason why the service is hanging?
I just want to confirm this is the issue.

Seems like for each target there is a timeout of 1.5 hours from it being started until we see Failed to find interface log line.

Here is an example from the log:

2023-04-17 20:55:11.807 sd  main:MESSAGE:2023-04-17 18h55.11 utc:8708: Vulnerability scan 98f0eeb1-c618-46f7-867e-5f7e62313068 started for host *******
2023-04-17 22:34:55.371 lib misc:MESSAGE:2023-04-17 20h34.54 utc:18967: Failed to find interface * mentioned in /proc/net/route

Found out the real issue.
The missing interface was not what caused the “hanging”.
From further testing I found out scanning the UDP ports made the scanning process a tad slower.

1 Like
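
A diagnostic for the symptom discussed in this thread, added as an example and not code from the posters or from openvas: it parses text in the /proc/net/route layout and lists routes whose Iface value (such as *) is not a known interface name. The sample table, the function names and the little-endian decoding of the hex columns are assumptions of this example.

```python
import socket
import struct

# Constructed sample in the /proc/net/route layout (not taken from the thread).
SAMPLE_ROUTE_TABLE = (
    "Iface\tDestination\tGateway \tFlags\tRefCnt\tUse\tMetric\tMask\t\tMTU\tWindow\tIRTT\n"
    "eth0\t00000000\t0100000A\t0003\t0\t0\t0\t00000000\t0\t0\t0\n"
    "eth0\t0000000A\t00000000\t0001\t0\t0\t0\t00FFFFFF\t0\t0\t0\n"
    "*\t000200C0\t00000000\t0001\t0\t0\t0\t00FFFFFF\t0\t0\t0\n"
)


def hex_to_ipv4(field):
    """Decode one hex address column (assumes a little-endian host)."""
    return socket.inet_ntoa(struct.pack("<I", int(field, 16)))


def parse_routes(text):
    """Return one dict per route line, skipping the header and short lines."""
    routes = []
    for line in text.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 8:
            continue
        routes.append({
            "iface": fields[0],
            "destination": hex_to_ipv4(fields[1]),
            "gateway": hex_to_ipv4(fields[2]),
            "prefix_len": bin(int(fields[7], 16)).count("1"),
        })
    return routes


def unresolved_routes(routes, interfaces):
    """Routes whose Iface column names no interface in `interfaces`."""
    return [r for r in routes if r["iface"] not in interfaces]


if __name__ == "__main__":
    # On a Linux host or container, check the live table against real interfaces.
    known = {name for _, name in socket.if_nameindex()}
    try:
        with open("/proc/net/route") as handle:
            table = handle.read()
    except OSError:
        table = SAMPLE_ROUTE_TABLE  # fall back to the constructed sample
    for route in unresolved_routes(parse_routes(table), known):
        print("no such interface:", route["iface"],
              f'{route["destination"]}/{route["prefix_len"]}')
```

Run inside the container, it prints each route that would trigger the log line, which shows how many such routes exist without needing write access to the route table.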