> Hi all, > > I am a newbie to squid. And I have struggled with its configuration file > for several days, until I > got all the desired acl's correctly set. > Then I tried my configuration using wget and... 503. > I fell back to a minimal totally open configuration: > ---------------------- > http_port 3128 > emulate_httpd_log on > debug_options ALL,5 > negative_ttl 0 > Try these: > acl all src 0.0.0.0/0.0.0.0 > acl localhost src 127.0.0.1/255.255.255.255 > acl to_localhost dst 127.0.0.0/8 > acl SSL_ports port 443 563 > acl Safe_ports port 80 20 21 443 563 70 210 1025-65535 > acl CONNECT method CONNECT > acl mysite src localhost 192.168.0.0/30 172.16.112.0/24 > http_access deny CONNECT !SSL_ports http_access deny !Safe_ports http_access allow mysite http_access deny all > http_reply_access allow all Drop these: > acl allsites dst 0.0.0.0/0.0.0.0 > http_access allow CONNECT > http_access allow Safe_ports > http_access allow all > http_access allow allsites > > coredump_dir /var/spool/squid > ---------------------- > > But still, I get: > ---------------------- > # wget -O - http://www.google.fr/ > /dev/null > --22:29:34-- http://www.google.fr/ > Resolving www.google.fr... 74.125.39.147, 74.125.39.99, 74.125.39.103, ... > Connecting to www.google.fr|74.125.39.147|:80... connected. > HTTP request sent, awaiting response... 200 OK > Length: unspecified [text/html] > Saving to: `STDOUT' > > [ <=> ] > 5,852 --.-K/s in 0.02s > > 22:29:35 (266 KB/s) - `-' saved [5852] > > ######## everything is OK so far > > # http_proxy=http://localhost:3128 wget -O - http://www.google.fr/ > > /dev/null > --22:30:31-- http://www.google.fr/ > Resolving localhost... 127.0.0.1 > Connecting to localhost|127.0.0.1|:3128... connected. > Proxy request sent, awaiting response... 503 Service Unavailable > 22:30:31 ERROR 503: Service Unavailable. > ---------------------- > > Obviously, it is bound to squid. I run CentOS on x86_64 architecture. I do > not join the log files > here, because I found them not very helpful, only logging that there was > an 503, without giving more > information about it. > I really do not know what to try now, and any clue would be very welcome > and helpful. About half the clues you have access to right now are held in the text of the error page returned. Send it to a file instead of /dev/null and check what the file says about the error. Also I think you want to use : export http_proxy="http://localhost:3128/"; ; wget .... There are weirdnesses sometimes when the final '/' is missing. Amos
