IF1 TCP 192.168.1.102 * ! 192.168.1.0/24 443 (HTTPS) 192.168.1.23 3128 redirect traffic to proxy HTTPS
So no need to point HTTPS to another port? That's why I tried to redirect to 3128 with the transparent settings, too.
DNS blocking does not work. Since I have deny all rules for my host and only allow a few specific ones