subject:"\[Openvas\-discuss\] Problem starting gsa"

Re: [Openvas-discuss] Problem starting gsa

2017-01-31 Thread Corti Matteo (ID BD)

Dear Harald

thanks, I am indeed using Fedora.

Matteo

-- 
ETH Zurich, Dr. Matteo Corti, Leiter ID Basisdienste
STB H 11.1, Stampfenbachstrasse 69, 8092 Zurich
Tel +41 44 63 27944, http://www.id.ethz.ch

> On 31 Jan 2017, at 13:43, Reindl Harald  wrote:
> 
> next time mention your operating system and package versions
> https://bugzilla.redhat.com/show_bug.cgi?id=1416034
> 
> a new build is in testing and and then 0.9.52 should work too
> 
> Am 31.01.2017 um 11:56 schrieb Corti Matteo (ID BD):
>> give no output with the following entries in the log file
>> 
>>gsad main:  DEBUG:2017-01-31 10h49.22 utc:24066: main: gettext
>>translation extensions are enabled (using locale "en_US.UTF-8").
>>gsad main:  DEBUG:2017-01-31 10h49.22 utc:24066: Forking...
>>gsad main:  DEBUG:2017-01-31 10h49.22 utc:24067: Forking for redirect...
>>gsad main:CRITICAL:2017-01-31 10h49.22 utc:24067: main:
>>start_https_daemon failed!
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



smime.p7s
Description: S/MIME cryptographic signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Problem starting gsa

2017-01-31 Thread Reindl Harald


next time mention your operating system and package versions
https://bugzilla.redhat.com/show_bug.cgi?id=1416034

a new build is in testing and and then 0.9.52 should work too

Am 31.01.2017 um 11:56 schrieb Corti Matteo (ID BD):

give no output with the following entries in the log file

gsad main:  DEBUG:2017-01-31 10h49.22 utc:24066: main: gettext
translation extensions are enabled (using locale "en_US.UTF-8").
gsad main:  DEBUG:2017-01-31 10h49.22 utc:24066: Forking...
gsad main:  DEBUG:2017-01-31 10h49.22 utc:24067: Forking for redirect...
gsad main:CRITICAL:2017-01-31 10h49.22 utc:24067: main:
start_https_daemon failed!

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Problem starting gsa

2017-01-31 Thread Eero Volotinen

I have seen this same problem on hardened machines with ipv6 stack
"disabled" or
half-disabled.

I cannot remember how I fixed this issue. I think, I just modified gsa
source to disable
ipv6 binding.

--
Eero

2017-01-31 13:33 GMT+02:00 Eero Volotinen :

> Is dualstack enabled on your system?
>
> Is ipv6 incorrectly disabled?
>
> For test, try to enable ipv6 and try again?
>
> --
> Eero
>
> 2017-01-31 13:28 GMT+02:00 Corti Matteo (ID BD) :
>
>> Dear Christian
>>
>> Thanks for the hint but
>>
>> /usr/sbin/gsad --no-redirect  --port=9392 --mport=9390
>> --mlisten=127.0.0.1 --gnutls-priorities=SECURE128:
>> -AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0 -f -vvv
>>
>> gives no improvement
>>
>> gsad main:  DEBUG:2017-01-31 11h24.01 utc:32463: main: gettext
>> translation extensions are enabled (using locale "en_US.UTF-8").
>> gsad main:CRITICAL:2017-01-31 11h24.01 utc:32463: main:
>> start_https_daemon failed!
>>
>>
>> Now with --http-only it starts but listens only on IPv6
>>
>> $ netstat -anp | grep 372
>> tcp6   0  0 :::9392 :::*
>>   LISTEN  372/gsad
>>
>>
>> Matteo
>>
>>
>> --
>> ETH Zurich, Dr. Matteo Corti, Leiter ID Basisdienste
>> STB H 11.1, Stampfenbachstrasse 69, 8092 Zurich
>> Tel +41 44 63 27944, http://www.id.ethz.ch
>>
>> On 31 Jan 2017, at 12:03, Christian Fischer <
>> christian.fisc...@greenbone.net> wrote:
>>
>> Hi,
>>
>> On 31.01.2017 11:56, Corti Matteo (ID BD) wrote:
>>
>> Why is gsad trying to use port 80?
>>
>>
>> i think because of the following:
>>
>> gsad main:  DEBUG:2017-01-31 10h49.22 utc:24067: Forking for redirect...
>> gsad main:WARNING:2017-01-31 10h49.22 utc:24068: main:
>>
>> start_http_daemon redirect failed !
>>
>> Have a look at the --no-redirect parameter of gsad which disables this
>> behavior:
>>
>> --no-redirect  Don't redirect HTTP to HTTPS.
>>
>> Regards,
>>
>> --
>>
>> Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
>> Greenbone Networks GmbH | http://greenbone.net
>> Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
>> Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
>> ___
>> Openvas-discuss mailing list
>> Openvas-discuss@wald.intevation.org
>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/o
>> penvas-discuss
>>
>>
>>
>> ___
>> Openvas-discuss mailing list
>> Openvas-discuss@wald.intevation.org
>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/o
>> penvas-discuss
>>
>
>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Problem starting gsa

2017-01-31 Thread Eero Volotinen

Is dualstack enabled on your system?

Is ipv6 incorrectly disabled?

For test, try to enable ipv6 and try again?

--
Eero

2017-01-31 13:28 GMT+02:00 Corti Matteo (ID BD) :

> Dear Christian
>
> Thanks for the hint but
>
> /usr/sbin/gsad --no-redirect  --port=9392 --mport=9390 --mlisten=127.0.0.1
> --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0
> -f -vvv
>
> gives no improvement
>
> gsad main:  DEBUG:2017-01-31 11h24.01 utc:32463: main: gettext translation
> extensions are enabled (using locale "en_US.UTF-8").
> gsad main:CRITICAL:2017-01-31 11h24.01 utc:32463: main: start_https_daemon
> failed!
>
>
> Now with --http-only it starts but listens only on IPv6
>
> $ netstat -anp | grep 372
> tcp6   0  0 :::9392 :::*
>   LISTEN  372/gsad
>
>
> Matteo
>
>
> --
> ETH Zurich, Dr. Matteo Corti, Leiter ID Basisdienste
> STB H 11.1, Stampfenbachstrasse 69, 8092 Zurich
> Tel +41 44 63 27944, http://www.id.ethz.ch
>
> On 31 Jan 2017, at 12:03, Christian Fischer  net> wrote:
>
> Hi,
>
> On 31.01.2017 11:56, Corti Matteo (ID BD) wrote:
>
> Why is gsad trying to use port 80?
>
>
> i think because of the following:
>
> gsad main:  DEBUG:2017-01-31 10h49.22 utc:24067: Forking for redirect...
> gsad main:WARNING:2017-01-31 10h49.22 utc:24068: main:
>
> start_http_daemon redirect failed !
>
> Have a look at the --no-redirect parameter of gsad which disables this
> behavior:
>
> --no-redirect  Don't redirect HTTP to HTTPS.
>
> Regards,
>
> --
>
> Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
> Greenbone Networks GmbH | http://greenbone.net
> Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
> Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
>
>
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Problem starting gsa

2017-01-31 Thread Corti Matteo (ID BD)

Dear Christian

Thanks for the hint but

/usr/sbin/gsad --no-redirect  --port=9392 --mport=9390 
--mlisten=127.0.0.1 
--gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0
 -f -vvv

gives no improvement

gsad main:  DEBUG:2017-01-31 11h24.01 utc:32463: main: gettext translation 
extensions are enabled (using locale "en_US.UTF-8").
gsad main:CRITICAL:2017-01-31 11h24.01 utc:32463: main: start_https_daemon 
failed!

Now with --http-only it starts but listens only on IPv6

$ netstat -anp | grep 372
tcp6   0  0 :::9392 :::*LISTEN  
372/gsad

Matteo


-- 
ETH Zurich, Dr. Matteo Corti, Leiter ID Basisdienste
STB H 11.1, Stampfenbachstrasse 69, 8092 Zurich
Tel +41 44 63 27944, http://www.id.ethz.ch

> On 31 Jan 2017, at 12:03, Christian Fischer  
> wrote:
> 
> Hi,
> 
> On 31.01.2017 11:56, Corti Matteo (ID BD) wrote:
>> Why is gsad trying to use port 80?
> 
> i think because of the following:
> 
>> gsad main:  DEBUG:2017-01-31 10h49.22 utc:24067: Forking for redirect...
>> gsad main:WARNING:2017-01-31 10h49.22 utc:24068: main:
> start_http_daemon redirect failed !
> 
> Have a look at the --no-redirect parameter of gsad which disables this
> behavior:
> 
> --no-redirect  Don't redirect HTTP to HTTPS.
> 
> Regards,
> 
> -- 
> 
> Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
> Greenbone Networks GmbH | http://greenbone.net
> Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
> Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



smime.p7s
Description: S/MIME cryptographic signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Problem starting gsa

2017-01-31 Thread Christian Fischer

Hi,

On 31.01.2017 11:56, Corti Matteo (ID BD) wrote:
> Why is gsad trying to use port 80?

i think because of the following:

> gsad main:  DEBUG:2017-01-31 10h49.22 utc:24067: Forking for redirect...
> gsad main:WARNING:2017-01-31 10h49.22 utc:24068: main:
start_http_daemon redirect failed !

Have a look at the --no-redirect parameter of gsad which disables this
behavior:

--no-redirect  Don't redirect HTTP to HTTPS.

Regards,

-- 

Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
Greenbone Networks GmbH | http://greenbone.net
Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Problem starting gsa

2017-01-31 Thread Corti Matteo (ID BD)

Hi

Since a couple of days I am no more able to start gsa.

For example

$ /usr/sbin/gsad --port=9392 --mport=9390 --mlisten=127.0.0.1 
--gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0
 -vvv

give no output with the following entries in the log file

gsad main:  DEBUG:2017-01-31 10h49.22 utc:24066: main: gettext translation 
extensions are enabled (using locale "en_US.UTF-8").
gsad main:  DEBUG:2017-01-31 10h49.22 utc:24066: Forking...
gsad main:  DEBUG:2017-01-31 10h49.22 utc:24067: Forking for redirect...
gsad main:CRITICAL:2017-01-31 10h49.22 utc:24067: main: start_https_daemon 
failed!
gsad main:WARNING:2017-01-31 10h49.22 utc:24068: MHD: Failed to listen for 
connections: Address already in use
gsad main:WARNING:2017-01-31 10h49.22 utc:24068: main: start_http_daemon 
redirect failed !

Manager is running and listening to 9390

$ telnet 127.0.0.1 9390
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
^]

telnet> close
Connection closed.
$ 

And nothing is already listening on port 9392

$ netstat -anp | grep 9392
$ 

Executing it with strace I see that it tries to use port 80 with IPv6

[pid 24762] bind(4, {sa_family=AF_INET6, sin6_port=htons(80), 
inet_pton(AF_INET6, "::", _addr), sin6_flowinfo=htonl(0), 
sin6_scope_id=0}, 28 

Port 80 *is* already used.

Why is gsad trying to use port 80?

Thanks in advance

Matteo

-- 
ETH Zurich, Dr. Matteo Corti, Leiter ID Basisdienste
STB H 11.1, Stampfenbachstrasse 69, 8092 Zurich
Tel +41 44 63 27944, http://www.id.ethz.ch



smime.p7s
Description: S/MIME cryptographic signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Problem starting gsa

Re: [Openvas-discuss] Problem starting gsa

Re: [Openvas-discuss] Problem starting gsa

Re: [Openvas-discuss] Problem starting gsa

Re: [Openvas-discuss] Problem starting gsa

Re: [Openvas-discuss] Problem starting gsa

[Openvas-discuss] Problem starting gsa

7 matches

Site Navigation

Mail list logo

Footer information