I am using the following rules in iptables in my network to use a transparent proxy:
* iptables -t nat -A PREROUTING -i eth0 -s ! squid-box -p tcp --dport 80 -j DNAT --to squid-box:3128
* iptables -t nat -A POSTROUTING -o eth0 -s local-network -d squid-box -j SNAT --to iptables-box
* iptables -A FORWARD -s local-network -d squid-box -i eth0 -o eth0 -p tcp --dport 3128 -j ACCEPT
But my squid log always logs the gateway IP (172.16.0.1).
Do you know an alternative that does not lose the client IP? (Of course, avoid saying manual proxy setup!)
You are losing the client IP because of the SNAT rule. I am tempted to suggest that you remove that rule. If your squid box is on the inside of your network like your comment implies then I am pretty sure that you should not need to do the SNAT.
Unfortunately, you haven't really provided us with much detail to go on about how your network is set up. So if SNAT is required for some reason, then you may need to restructure your network.
The other thing to look at is automatic configuration of your clients using Group Policies and/or WPAD. There are some advantages to actually having the browser recognize that a proxy server is in use.
I fixed the problem by installing shorewall at the gateway.
You can fix this problem by dangling the proxy server off another router interface.
If you do so, you won't need to do the SNAT tricks that cause you to lose the client's IP since all traffic to and from the proxy will be going through the router.
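The layout from the last answer, as an added example that is not part of the original posts: it prints the rules for a proxy on its own router interface and includes a check that flags any rule set that source-NATs traffic toward the proxy. The interface names, the addresses other than the gateway IP, and both function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original posts. Assumed layout:
#   eth0 = client LAN, eth1 = separate router interface for the proxy.
# Addresses are constructed placeholders; the proxy's default route is
# assumed to point back at this router so replies traverse conntrack.
LAN_IF=eth0
PROXY_IF=eth1
LAN_NET=172.16.0.0/24
PROXY_IP=172.16.1.10
PROXY_PORT=3128

# Print (do not apply) the rules for the two-interface layout.
proxy_rules() {
    # Redirect client HTTP arriving on the LAN interface to the proxy.
    # The proxy's own outbound HTTP enters on $PROXY_IF, so it never
    # matches this rule and no "! squid-box" exclusion is needed.
    echo "iptables -t nat -A PREROUTING -i $LAN_IF -s $LAN_NET -p tcp --dport 80 -j DNAT --to-destination $PROXY_IP:$PROXY_PORT"
    # Let the redirected connections cross from the LAN to the proxy segment.
    echo "iptables -A FORWARD -i $LAN_IF -o $PROXY_IF -s $LAN_NET -d $PROXY_IP -p tcp --dport $PROXY_PORT -j ACCEPT"
    # Replies return through the router, where conntrack reverses the DNAT.
    echo "iptables -A FORWARD -i $PROXY_IF -o $LAN_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Deliberately no POSTROUTING SNAT: the proxy sees the real client address.
}

# Read rules on stdin; exit 0 if any of them rewrites the source address
# of traffic destined to the proxy (the cause of the lost client IP).
hides_client_ip() {
    grep -E -- '-t nat .*POSTROUTING' \
        | grep -E -- '-j (SNAT|MASQUERADE)' \
        | grep -qF -- "-d $PROXY_IP "
}

# Show the rule set and the result of the check.
proxy_rules
if proxy_rules | hides_client_ip; then
    echo "WARNING: client addresses will be hidden from the proxy log"
else
    echo "OK: no source NAT toward the proxy"
fi
```

To apply the printed rules, review them and pipe the output of `proxy_rules` to `sh` as root on the router.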