Successuflly fix connection issue for updating feeds

Firstly, Thanks a lot for OpenVAS team to provide this kind vulnerability solution. It’s very useful for my SIEM project.

Like many users, I faced issue to update feeds after stating using OpenVAS, but I am lucky to fix them after reviewing many posts in this community. Now, I would like to share and summary some major points that how I fix that connection issue for you.

  1. Proxy can be used , but you make sure your proxy can reach with port 873
    Now, I am using Squid to download these feeds after modifying the following changes,

=====copy from internet=======================
To allow RSYNC proxy via Squid, edit squid.conf file:

  1. add 873 to acl SSL_ports port list
  2. add 873 to acl Safe_ports port list
  3. if you want proxy without password, add host at which rsync is running to acl allowed_hosts list
    ====copy from internet========================

The following is log for updating feeds
====successful log from squid==================
1566377499.776 6268 x.x.x.x TCP_TUNNEL/200 601 CONNECT - HIER_DIRECT/ -
1566377748.449 248659 x.x.x.x TCP_TUNNEL/200 4466562 CONNECT - HIER_DIRECT/ -
1566377903.775 5700 x.x.x.x 2 TCP_TUNNEL/200 601 CONNECT - HIER_DIRECT/ -

  1. Configure your OpenVAS environment to make sure RSYNC go through the following settings.

rsync_proxy=“proxy server ip:port”

  1. DNS need to be configured and resolve on proxy server
    ===========in /etc/squid/squid.conf==============