Squid Transparent Proxy
Version: 3.3.8
OS: Ubuntu Server 14.04
Server IP: 192.168.1.3
(excluding comments using grep)
    root@ubuntu:~# grep -v '^$\|^\s*\#' /etc/squid3/squid.conf
    acl SSL_ports port 443
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 # https
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT
    acl mylocalnetwork src 192.168.1.0/24
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localhost manager
    http_access allow mylocalnetwork
    http_access deny manager
    http_access allow localhost
    http_access deny all
    http_port 3128 transparent
    cache_mem 8 MB
    maximum_object_size_in_memory 32 KB
    memory_replacement_policy heap GDSF
    cache_replacement_policy heap LFUDA
    cache_dir aufs /opt/squid/cache 10000 14 256
    maximum_object_size 128000 KB
    cache_swap_low 95
    cache_swap_high 99
    coredump_dir /var/spool/squid3
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
    refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
    refresh_pattern -i \.(gif|png|jp?g|ico|bmp|tiff?)$ 10080 95% 43200
    refresh_pattern -i \.(rpm|cab|deb|exe|msi|msu|zip|tar|xz|bz|bz2|lzma|gz|tgz|rar|bin|7z|doc?|xls?|ppt?|pdf|nth|psd|sis)$ 10080 90% 43200
    refresh_pattern -i \.(avi|iso|wav|mid|mp?|mpeg|mov|3gp|wm?|swf|flv|x-flv|axd)$ 43200 95% 432000
    refresh_pattern -i \.(html|htm|css|js)$ 1440 75% 40320
    refresh_pattern -i \.index.(html|htm)$ 0 75% 10080
    refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
    refresh_pattern . 1440 90% 10080
    quick_abort_min 0 KB
    quick_abort_max 0 KB
    quick_abort_pct 100
    store_avg_object_size 13 KB
    visible_hostname localhost

    iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.3:3128
    iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
    iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
The problem is I could not access the internet on my client machines with Squid's IP as Gateway & Primary DNS, as shown below.

    auto eth0
    iface eth0 inet static
    address 192.168.1.10
    netmask 255.255.255.0
    gateway 192.168.1.3
    dns-nameservers 192.168.1.3

When I change the DNS on the Ubuntu client to dns-nameservers 192.168.1.1, and on the Windows client to the same IP of the router (192.168.1.1) instead of the Squid IP (192.168.1.3), then I could access the internet on both. This may not be the way to do it, as the page may be rendered directly from the router and may not be from the Squid server using the cache (of course, I could see the logs being generated in /var/log/squid3/cache.log). I also noticed my router blinking for the pages which are already accessed; this may mean it sends the request over the internet instead of fetching from the Squid cache.