In a setting where OpenVAS is behind a proxy (that leads to the internet), I am having trouble getting the greenbone-nvt-sync command to work. The errors are:
- rsync: failed to connect to feed.openvas.org (22.214.171.124): Connection refused (111)
- rsync: failed to connect to feed.openvas.org (IPv6): Network is unreachable (101)
- rsync error: error in socket IO (code 10) at clientserver.c(125) [Receiver=3.1.2]
But the funny thing is, I can reach the Internet through Mozilla Browser.
So I have set up the right proxy settings.
But for some reason nvt sync is not happening. Can anyone advise on this?
So what I have found out (please correct if I’m wrong), in the case where you have not defined something called RSYNC, it would not work.
Hence I did this.
export RSYNC_PROXY=(proxy IP address):(port)
Then I continued with greenbone-nvt-sync, but greeted with another error:
rsync: did not see server greeting
rsync error: error starting client-server protocol (code 5) at main.c(1666) [Receiver=3.1.2]
So I have happily forgotten about possible firewalls blocking port 873 which RSYNC is using. Let me know if I’m wrong on this.
That would leave me with offline sync. For this part, please let me know if you have any ideas on how I can do this.
Your proxy must support RSYNC, rsync protocol is not HTTP so you can´t use a HTTP Proxy for rsync connections. If you proxy does support TCP-Stream connections, it might work.
Please ensure that a protocol aware firewall might break your proxy as well. Your proxy must additional be able to connect to the RSYNC Port as well.
Only the GSF Feed can be used with a HTTPS Proxy …
Thanks for the response!
Yes, proxies are generally for http and https traffic, but somewhere in my mind if you want to have other ports you need SOCKS proxy enabled. And RSYNC just so happens to fall in that category.
What do you mean by GSF Feed? Can you explain what that is, and is that a possible workaround to update my OpenVAS?
For information about the different feeds please take a look at