I have two LAN cards on my transparent squid box.

eth0: 10.0.0.2 (connected to internet)
gw : 10.0.0.1

eth1: 192.168.1.1 (connected to LAN)
gw : 10.0.0.2

All systems in LAN1 (192.168.1.0/24) has gateway as 192.168.1.1
All systems in LAN2 (10.0.0.0/24) has gateway as 10.0.0.2

Are my settings appropriate??

Now i want both incoming and outgoing connections (any/all ip and any/all port) to pass thru this transparent squid gox as gateway. HOw do i implement this using iptables???

Can somebody give me the commands or way to configure to let all IPs and ports incoming and outgoing connections???

Can we log all ports, protocols and application in squid access.log or only HTTP traffic??? Am struggling to get an answer for this..

Please help me in this regard.

thanks

I think this link could be useful
http://wiki.squid-cache.org/SquidFaq/

Squid in transparent mode supports only HTTP traffic as far as i remember

You can log entire traffic going thru a gateway using IPTABLES (would produce quite large logs) or just connection initialization requests SYN packets (you can log source and destination address and port easily but finding out wich app makes the connection requires additional tools and is not always possible)

as far as i can see both network interfaces of your gateway are non routable (LAN) networks
10.0.0.0 – 10.255.255.255 and 192.168.0.0 – 192.168.255.255 are private address spaces (not reachable from internet)

The only thing visible from internet side is your internet gateway at 10.0.0.1 assuming that the other side of the device has a real world reachable address and static ip

this makes impossible to reach your lan machines from internet unless you can reconfigure the gateway device at 10.0.0.1 to forward all ports (entire traffic) to your proxy box after that setting up NAT on this box should make possible for all machines on 192.168.. subnet to connect to internet using any port or protocol
it would make some problems with HTTP requests on non standard ports tho

I doubt if computers from 10... subnetwork could use nated connections (it should be possible but never tried such a solution cause its un secure - its enough for the client to change default gw for 10.0.0.1 and they will bypass your SQUID proxy connecting straight to the internet via the real gateway

i would recommend a change in the config so only servers that should be accessible from internet should be left in 10... subnetwork with port redirected to them on 10.0.0.1 device and the rest should be put in 192.168. subnetwork

but everything depends on your specific needs

I hope its not too chaotic to understand

PS this should log all incoming connections from 192.168 subnetwork (only initialization packets not entire traffic) iptables -I 1 INPUT -i eth1 -syn -j LOG
this single command should log in syslog any incoming connection on your eth1 interface

hope this answers at least some of Your questions