saugato, could you please provide an overview of your setup?? how many interfaces do you have?? how much NAT (Network Address Translation) are you doing?? etc... etc.. etc...
as Capt_Caveman pointed-out, you need to make sure the eth0 interface in your rule is the one facing your LAN...
also, remember that you'll need an INPUT rule to accept the packets that are getting redirected by the PREROUTING rule:
Code:
iptables -t nat -A PREROUTING -p TCP -i eth0 --dport 80 -j REDIRECT --to-ports 3128
iptables -A INPUT -p TCP -i eth0 --dport 3128 - j ACCEPT
or to be more politically correct:
Code:
iptables -t nat -A PREROUTING -p TCP -i eth0 --dport 80 -j REDIRECT --to-ports 3128
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p TCP -i eth0 --dport 3128 -m state --state NEW -j ACCEPT
don't forget you also need to deal with TCP port 443 (HTTPS) in order to allow browsing of secure websites... personally, i never use the proxy for HTTPS, i just NAT it...
just my two cents...