I am trying to set up my squid3 proxy as a transparent proxy - right now, I have to manually configure browsers to access via proxy.
I understand that I have to put some rules into Iptables and also some further directives in the squid.conf.

I have a couple of specific questions.
The proxy server is running on a Ubuntu 10.04 workstation and this machine also acts as a dhcp server for the network. I have just one subnet , namely 192.168.0.1-254
There is only 1 network card. Is it much easier to put in a second network card or is it just as easy to configure the existing lan card as a dual IP ?

Is it necessary to configure these 2 IP's ( whether they are via 2 lan cards or dual IP on single card ) to be on different subnets.
i.e ETH0 192.168.0.1 and ETH1 192.168.1.1 or is ok to have something like
ETH0 192.168.0.1 and ETH1 192.168.0.254
( where ETH0 is the one facing the LAN and ETH1 points to the modem router / switch i.e The Internet )
Where specifically do I save the Iptables rule configuration file and what must I call it ?

I would personally advise against transparent proxies. they are not all that. stick with browser configuration, but automate it. Use a proxy.pac / wpad.dat file, and make browsers pick up these details to then explicitly use a proxy. most proxies have no mechanism for transparently proxying https connections for example, and authentication is very difficult / obscure.

I have no idea about that automating procedure to which you refer and since I have no need for authentication, I really would prefer to try to proceed with tranparent proxy implementation.
-keevill-

I have read up on this and allow me to ask advice.
My setup is as follows :
Ubuntu workstation set up as a Squid3 proxy server and DHCP server for LAN.
Proxy IP is 162.168.0.160 :3148 ( Squid3 runs on port 3148 )
Apache webserver running on 192.168.0.160:81 ( Apache runs on port 81 )
Single network subnet 192.168.0.1-254
Single Lan card.

Can I summarise what I think I have to do to achieve all users to automatically route thru the proxy.?



Make a text file with the following content and call it "wpad.dat" ( without the quotes )
function FindProxyForURL(url, host) { return "PROXY 192.168.0.160:3148; DIRECT"; }
Upload this file to the root directory of the apache server .


Apache Server
1. Create .htaccess file.
2.Add the below line into the file:
3.
AddType application/x-ns-proxy-autoconfig .dat
3. Upload file to same location as wpad.dat file.

Linux DHCP:
1. Edit the DHCP configuration file (/etc/dhcp/dhcpd.conf).
2. Edit and paste the following into the file:

option local-pac-server code 252 = text;
option local-pac-server "http://192.168.0.160:81/wpad.dat";
The first declaration must go in the global section of the configuration file.

3.Restart the DHCP server.

Does this about cover what I must do ?
Thx,

-keevill-