I have a Linux box as a router: eth0 (192.168.0.60) connects to the LAN, and eth1 (10.100.33.239) connects to the Internet. Squid works well; I can set 10.100.33.239:3128 or 192.168.0.60:3128 as the proxy in a web browser and visit HTTP and HTTPS websites.
Now, I want to use iptables to set up a transparent proxy, which means I can visit websites without setting a proxy in my web browser.
Now, HTTP is OK, but HTTPS fails. Would someone help me? Thank you!
iptables config:
iptables -t filter -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t filter -A FORWARD -i eth0 -p tcp --dport 443 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to-source 10.100.33.239
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.60:3128
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128