Squid transparent proxy connected to another proxy

It could be something like following

acl local_net src 192.168.1.0/24
http_access allow local_net

cache_peer real-magic-proxy.example.net parent 3128 3130 default login=user:password
cache_peer_access real-magic-proxy.example.net allow local_net

Your real proxy must support ICP protocol. It will work with http, but with https, I think, it wouldn't work due to nature of ssl. But you could try ssl bump feature in squid 3.3.x

You can use login=user:password if your parent requires proxy authentication


I think what you're looking for is the cache_peer option in squid to define a parent cache. Then you can setup a transparent proxy, that you don't have to configure or reconfigure the clients. which would look like this:

http_port 3128 transparent

Last but not least, you'll need to redirect all traffic to port 80 on your gateway redirected to the proxy server on the gateway. with iptables it could look like this:

# user 'squid' is allowed to pass http requests
iptables -t nat -A OUTPUT -m tcp -p tcp --dport 80 -m owner --uid-owner squid -j RETURN
#All traffic to port 80 to squid the 
iptables -t nat -A OUTPUT -m tcp -p tcp --dport 80 -j REDIRECT --to-ports 3128