How to setup client for squid transparent proxy?

Solution 1:

I am not sure, but please take a look with this checklist:

Edit the the squid.conf file and change the following line to enable transparent proxy mode:

http_port 3128

to

http_port 3128 intercept

Then

service squid restart 
service squid reload

Add an entry to iptables NAT table to port-forward inbound traffic on the inside interface (LAN side) to the Squid server on port 3128 (assuming eth0 is the inside interface with the IP address 192.168.1.3

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.1.3:3128

Now you can look at your iptables, default filter table, and NAT table, using the following commands:

iptables -L -t filter

iptables -L -t nat

Now you can add (append) to the iptable filter table with the following commands, to accept input on port 3128 for Squid

iptables -t filter -A INPUT -p tcp --dport 3128 -j ACCEPT

Also Try this:

You need both one 'intercept' and one 'forward proxy' port in config even if you don't use forward proxy:

http_port 3129 

http_port 3128 intercept

Note: The transparent option has been deprecated by intercept option since 2010.

Solution 2:

According to the Squid WiKi you have the wrong setting in the http_port option, with Squid 3.1+ and DNAT it should be intercept instead of transparent.

http_port 3128 intercept

Although the output of your Squid log does seem to indicate intercepted sockets being active.

A second thing is that the Linux server needs to allow TCP-IP forwarding with sysctl net.ipv4.ip_forward=1