0

I keep having issues with getting logged out of Openvas/Greenbone Security Assistant, and after monitoring the logs while I was trying to run a scan, I finally noticed these lines that corresponded with when I had to reauthenticate:

gsad main:WARNING:2018-03-07 20h15.30 UTC:208: MHD: Server reached connection limit (closing inbound connection)
gsad main:WARNING:2018-03-07 20h15.30 UTC:208: MHD: Server reached connection limit (closing inbound connection)
gsad main:WARNING:2018-03-07 20h15.31 UTC:208: MHD: Server reached connection limit (closing inbound connection)

My timeout setting in /etc/default/openvas-gsa is 60 minutes, but because of that connection limit it's not respecting it.

Is there a config option to increase that connection limit so I don't get logged out until the timeout setting kicks in? OS is Ubuntu 16.04.4, I installed OpenVAS from this repo inside a vanilla Ubuntu LXC image.

EDIT: According to this it looks like theres a config option for libmicrohttpd, I'll try messing with that.

4oo4
  • 303
  • 3
  • 10

1 Answers1

0

I think I finally found the answer after all this time, the gsad daemon reads microhttpd settings from /usr/include/microhttpd.h, so when I bump up MHD_OPTION_CONNECTION_LIMIT (line 1215 - https://gnunet.org/git/libmicrohttpd.git/tree/src/include/microhttpd.h#n1215) to something more reasonable than the default of 2, gsad allows more concurrent connections.

Since I'm using an nginx reverse proxy in front of it, having a really low setting for that would always cause a bunch of HTTP 502s whenever I would login to GSA to do anything.

4oo4
  • 303
  • 3
  • 10