In that case, can we take a look at your squid.conf, dansguardian.conf and perhaps the firewall/NAT rules?

 egrep -v '^[[:space:]]*(#|$)' /path/to/squid.conf

If you have something like:
http_port 3128 transparent

That means squid is binded (forget the English here) to all IPs on that host, so port 3128 must be closed from outsiders.

If you have "filterip = " in dansgurdian.conf, it also means that DG is binded to all IPs and I can simply configure my browser (or even my proxy) to connect to your host on whatever port is open and I use your bandwidth.

So I suggest that at the very first level, ensure that you have:

http_port a.b.c.d:3128 transparent

And in DG, have filterip = a.b.c.d

(where a.b.c.d is the private IP of the host running DG)


Then check your firewall rules to see if any rule might be causing the circumvention.