i use squid and iptables together. i prefer transparent proxy. my squid allow every client. we want freedom
i prefer squid because it has a cache and a log fie. i use iptables (SNAT) for other ports access (pop3 smtp ftp https ssh etc..).
if u dont want to configure browser of clients, u have to use transparent proxy. iptables can redirect incoming http requests from LAN to squid port. u must also add some lines into squid.conf for transparent proxy. but i dont know if transparent proxy will work with http auth.. i didnt try it b4. check www.squid-cache.org
if u want transparent proxy, do the followings
redirect port 80 to port 3128 (squid default port) if it comes from LAN (192.168.0.0/255.255.255.0)
iptables -t nat -A PREROUTING -s 192.168.0.0/24 -p tcp --dport 80 -j REDIRECT --to-port 3128
these lines must be added in squid.conf