LinuxQuestions.org
Linux - Newbie: Problem in setting up Transparent Proxy (https://www.linuxquestions.org/questions/linux-newbie-8/problem-in-setting-up-transparent-proxy-4175486346/)

sunveer 11-30-2013 04:17 AM

Problem in setting up Transparent Proxy
 
I have installed squid3 in a virtual machine.

The physical host has only one NIC (eth0), and I have made it part of a bridge interface (br0). I have used that bridge interface with the VM.

IP of physical host: 192.168.1.20
IP of virtual guest: 192.168.1.4

I have enabled IP forwarding using sysctl and added the line "http_port 3128 transparent" to the squid conf file.

I have added these iptables rules on the host machine:
Code:

iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.4:3128

iptables -t nat -A POSTROUTING -o br0 -s 192.168.1.0/24 -d 192.168.1.4 -j SNAT --to 192.168.1.1

iptables -A FORWARD -i br0 -o br0 -p tcp -s 192.168.1.0/24 -d 192.168.1.4 --dport 3128 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

iptables -A FORWARD -i br0 -o br0 -p tcp -s 192.168.1.4 -d 192.168.1.0/24 --sport 3128 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

But the request is not reaching the proxy server. I have checked "/var/log/squid3/access.log".

Also, after setting these rules I can't ping the proxy at 192.168.1.4.

Can anyone help me in this regard?

anotherlinuxuser 12-02-2013 01:14 AM

From your statement "request is not reaching the proxy server", I suspect you have not port forwarded port 80 from the LAN's default gateway to the proxy server's IP address.

Since your proxy only has a single NIC, it cannot be your default gateway for LAN to Internet, so you must have a router of some sort. For web traffic to go through the proxy, the router must redirect all http and https requests on its LAN side to the proxy. Look for the port forwarding config on your router and add rules to send all LAN port 80 (and 443 for https) to the proxy at 192.168.1.4. You may also want to add rules to the router's firewall to only allow the proxy (192.168.1.4) to send traffic out to port 80 and 443, but I would suggest just adding the port forwards first, and once the proxy is working correctly, you can add the firewall rules to the router, if you like.

Another way to send traffic from LAN systems to the proxy is configuring each browser to use the proxy in the browser's connection settings.

You do not need any iptables rules on the proxy server, as squid will forward all allowed traffic to the Internet via your router. Looking at the iptables rules you posted, it appears those rules may loop all packets generated by the proxy back to the proxy, so pings are not coming back.
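The setup the two posts above describe (a default gateway that redirects LAN port 80 to a Squid host on the same LAN, the proxy's own traffic excluded so nothing loops back, and a firewall rule so only the proxy talks HTTP to the outside) is shown below as an added example for the case where the gateway is a Linux box. It is not code from the thread. The interface names LAN_IF/WAN_IF are hypothetical; the addresses are the thread's (LAN 192.168.1.0/24, proxy 192.168.1.4:3128). The MASQUERADE rule towards the proxy is what makes a same-subnet "hairpin" redirect work: without it the proxy answers the client directly, the client sees a reply from 192.168.1.4 instead of the web server it contacted, and resets the connection.

```shell
#!/bin/sh
# Added example, not from the LinuxQuestions thread: a Linux default gateway
# that transparently redirects LAN HTTP to a Squid host on the same LAN.
# Hypothetical names: LAN_IF, WAN_IF. Addresses follow the thread.
# Usage: ./gw.sh dry-run   (print the rules)   ./gw.sh apply   (as root)

LAN_IF="${LAN_IF:-eth1}"          # interface facing the LAN clients (assumed)
WAN_IF="${WAN_IF:-eth0}"          # interface facing the Internet (assumed)
LAN_NET="${LAN_NET:-192.168.1.0/24}"
PROXY_IP="${PROXY_IP:-192.168.1.4}"
PROXY_PORT="${PROXY_PORT:-3128}"  # Squid: http_port 3128 intercept (older builds: transparent)
IPT="${IPT:-iptables}"            # set IPT="echo iptables" to print instead of apply

# rule: run one iptables command, or print it when IPT is an echo prefix.
rule() {
    $IPT "$@"
}

# gateway_rules: emit the complete rule set; order matters for the first two.
gateway_rules() {
    # 1. Loop guard: the proxy's own outbound HTTP must never be redirected
    #    back to the proxy. Omitting this is what makes a rule set "loop".
    rule -t nat -A PREROUTING -i "$LAN_IF" -s "$PROXY_IP" -p tcp --dport 80 -j RETURN
    # 2. Every other LAN client's TCP/80 goes to Squid's intercept port.
    rule -t nat -A PREROUTING -i "$LAN_IF" -s "$LAN_NET" -p tcp --dport 80 \
        -j DNAT --to-destination "$PROXY_IP:$PROXY_PORT"
    # 3. Hairpin NAT: client and proxy share a subnet, so the proxy's replies
    #    must come back through the gateway to be un-DNATed. Cost: Squid's
    #    access.log shows the gateway, not the client, as the source address.
    rule -t nat -A POSTROUTING -o "$LAN_IF" -s "$LAN_NET" -d "$PROXY_IP" \
        -p tcp --dport "$PROXY_PORT" -j MASQUERADE
    # 4. Ordinary NAT for everything leaving towards the Internet.
    rule -t nat -A POSTROUTING -o "$WAN_IF" -j MASQUERADE
    # 5. Forward replies to existing connections first.
    rule -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # 6. Redirected client -> proxy connections (in and out on the LAN side).
    rule -A FORWARD -i "$LAN_IF" -o "$LAN_IF" -s "$LAN_NET" -d "$PROXY_IP" \
        -p tcp --dport "$PROXY_PORT" -m conntrack --ctstate NEW -j ACCEPT
    # 7. The proxy is the only LAN host allowed to reach the Internet freely.
    rule -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$PROXY_IP" -j ACCEPT
    # 8. Enforcement: even if the DNAT rule is flushed, clients cannot speak
    #    HTTP to the Internet directly; they get a reset instead of a hang.
    rule -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN_NET" -p tcp --dport 80 \
        -j REJECT --reject-with tcp-reset
    # 9. Other LAN -> Internet traffic (HTTPS, DNS, ...) passes unproxied.
    rule -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN_NET" -m conntrack --ctstate NEW -j ACCEPT
}

case "${1:-}" in
    apply)
        sysctl -w net.ipv4.ip_forward=1 >/dev/null
        # Hairpin forwarding out the ingress interface would otherwise make the
        # gateway send ICMP redirects that point clients straight at the proxy.
        sysctl -w "net.ipv4.conf.$LAN_IF.send_redirects=0" >/dev/null
        gateway_rules
        ;;
    dry-run)
        IPT="echo iptables"
        gateway_rules
        ;;
esac
```

Check the result with `iptables -t nat -L PREROUTING -n -v` and watch the packet counter on the DNAT rule while a client fetches a plain-HTTP page; a matching line should then appear in Squid's access.log. Port 443 is deliberately not redirected: forwarding TCP/443 to a plain intercept port cannot work, because the TLS handshake is addressed to the origin server, so HTTPS interception needs Squid's ssl-bump with a CA certificate installed on every client.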

sunveer 12-05-2013 06:18 AM

I took a look at the default gateway and changing it works perfectly. Thanks!

