Originally Posted by dbmacartney
You will need to add a prerouting DNAT rule so that the source IP information is maintained. A normal redirect rule will change the packet header so that the packet will appear to be coming from the transparent proxy and not the requesting client, in this situation.
Mmm. Okay, I don't know what the original poster has but I'm not sure this is 100% true.
I have a basic transparent proxy running into a couple of places and one in particular that I can access at the moment - it's a long time since I set this system up and I have only sparse access to it (it's a production server for a school) but I *don't* have DNAT rules, only REDIRECT's on my particular setup, although I don't doubt that they may have an effect in some configurations.
However, I do seem to have Squid 3.0STABLE1, which may make a difference, and "transparent" on the http_port line. I don't ever remember doing anything specific to make logging of IP's work on any version of squid I've used to do transparent proxying.