PacketFence - BTS - PacketFence
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0001467PacketFenceupstreampublic2012-06-14 10:582012-10-19 13:59
Reporterdwuelfrath 
Assigned Todwuelfrath 
PrioritynormalSeverityminorReproducibilitysometimes
StatusassignedResolutionsuspended 
PlatformOSOS Version
Product Version3.2.0 
Target VersionFixed in Version 
fixed in git revision
fixed in mtn revision
Summary0001467: OpenVAS tasks starts after 10 minutes
DescriptionHello,
i use OpenVAS in combination with Packetfence. If Packetfence insert a new scan task into OpenVAS the task only starts after 10 minutes. First the task is "requested" for 10min, then the task "run" for 15sec. If i start an task manuell, it waits 10 min.
Steps To Reproduce
Additional Information
TagsNo tags attached.
Relationships
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2012-06-14 10:58dwuelfrathNew Issue
2012-06-14 10:58dwuelfrathNote Added: 0002769
2012-06-14 10:59dwuelfrathNote Added: 0002770
2012-06-14 11:00dwuelfrathNote Added: 0002771
2012-06-14 11:00dwuelfrathStatusnew => assigned
2012-06-14 11:00dwuelfrathAssigned To => dwuelfrath
2012-06-14 14:32dwuelfrathNote Added: 0002785
2012-06-14 14:33dwuelfrathNote Added: 0002786
2012-06-14 14:33dwuelfrathNote Added: 0002787
2012-06-14 14:34dwuelfrathNote Added: 0002788
2012-06-15 09:48obilodeauResolutionopen => suspended
2012-06-15 09:48obilodeauCategoryscanning => upstream
2012-06-15 09:48obilodeauProduct Version => 3.2.0
2012-10-19 13:59fgaudreaultTarget Version => long-term

Notes
(0002769)
dwuelfrath   
2012-06-14 10:58   
This situation has been encountered several times during development of the OpenVAS integration.
(0002770)
dwuelfrath   
2012-06-14 10:59   
Post from Matthew Mundell on the OpenVAS mailing-list:
"When the Manager connects to the Scanner to start the task, the Scanner always sends all the details of the NVTs to the Manager. Processing of this might be what is taking the 10 minutes. This happens every time a client connects to the Manager."
(0002771)
dwuelfrath   
2012-06-14 11:00   
Asked Matthew / OpenVAS mailing about the correct way to triggers a scan using OMP.
(0002785)
dwuelfrath   
2012-06-14 14:32   
Reply from Matthew:
What you're doing is "correct". You could also use the same OMP connection
multiple times. That way the Manager would only connect to the Scanner the
first time. A new connection each time is more resistant to bugs and leaks
in the Manager though.
(0002786)
dwuelfrath   
2012-06-14 14:33   
Discussion about Matthew's reply:

>>> What I'm looking for is the "correct" way to triggers scan on OpenVAS
>>> without having to wait that 10minute delay each time.
>> What you're doing is "correct".
> By correct you mean we can work something better?
What you are doing is the standard way. The GSA does it this way, for
example.

>> You could also use the same OMP connection
>> multiple times. That way the Manager would only connect to the Scanner the
>> first time.
> That way we only face the 10 minutes delay the first time?
Yes.

>> A new connection each time is more resistant to bugs and leaks
>> in the Manager though.
> But we'll face the 10 minutes delay at each connection?
Yes.

This should speed up considerably in the future, if that's any consolation.
(0002787)
dwuelfrath   
2012-06-14 14:33   
Still discussion:

> So your recommandation would be to stay that way and wait for Openvas to
> speed up ?
Depends how bad 10 minutes is for you, and how much time you have to try
the alternative. The Scanner speedup could be a year or more away.
(0002788)
dwuelfrath   
2012-06-14 14:34   
End of story:

It is an OpenVAS issue. We may try to keep the connection active from the first time but this may cause some memory leaks on the OpenVAS side.
It seems to be in the roadmap to fix this issue from the OpenVAS side.