A distinction is made between two different modes of operations. This is theconventional mode and thetransparent mode.
In this mode, the proxy needs to be entered in the network settings in the client machines (also if you use browsers with independent network settings such as Firefox or Opera) so the proxy is used.
In this mode, the HTTP protocol, HTTPS, FTP over HTTP, and Gopher are available.
For an automatic way take a look to the "transparent mode" mentioned below.
As shown in the configuration example, by ticking the checkbox squid works in the appropriate network and mode. In this example, Squid is enabled on "Green" and "Blue" respectively in the conventional mode. Mixed operations are also possible!
Since the proxy can be bypassed by the users relatively easy (if the proxy settings are removed on the client system), if the browser refers his network settings from the system preferences the users should not have administrator privilege to prevent this scenario.
To make sure that the proxy is not bypassed, the outbound firewall can be configured accordingly. Thus, the proxy settings on the client systems must be correct to allow access to the Web, otherwise the connection will be prohibited by IPTables.
In this mode Squid operates completely in the background and requires no configuration on client side. This mode only works with HTTP (port 80), the transparency is technically regulated by the firewall that intercepts any request to the web through the proxy and redirects the service (REDIRECT-Target).