I think this link could be useful
http://wiki.squid-cache.org/SquidFaq/
Squid in transparent mode supports only HTTP traffic as far as i remember
You can log entire traffic going thru a gateway using IPTABLES (would produce quite large logs) or just connection initialization requests SYN packets (you can log source and destination address and port easily but finding out wich app makes the connection requires additional tools and is not always possible)
as far as i can see both network interfaces of your gateway are non routable (LAN) networks
10.0.0.0 – 10.255.255.255 and 192.168.0.0 – 192.168.255.255 are private address spaces (not reachable from internet)
The only thing visible from internet side is your internet gateway at 10.0.0.1 assuming that the other side of the device has a real world reachable address and static ip
this makes impossible to reach your lan machines from internet unless you can reconfigure the gateway device at 10.0.0.1 to forward all ports (entire traffic) to your proxy box after that setting up NAT on this box should make possible for all machines on 192.168.. subnet to connect to internet using any port or protocol
it would make some problems with HTTP requests on non standard ports tho
I doubt if computers from 10... subnetwork could use nated connections (it should be possible but never tried such a solution cause its un secure - its enough for the client to change default gw for 10.0.0.1 and they will bypass your SQUID proxy connecting straight to the internet via the real gateway
i would recommend a change in the config so only servers that should be accessible from internet should be left in 10... subnetwork with port redirected to them on 10.0.0.1 device and the rest should be put in 192.168. subnetwork
but everything depends on your specific needs
I hope its not too chaotic to understand
PS this should log all incoming connections from 192.168 subnetwork (only initialization packets not entire traffic) iptables -I 1 INPUT -i eth1 -syn -j LOG
this single command should log in syslog any incoming connection on your eth1 interface
hope this answers at least some of Your questions