NPF is missing TPROXY / divert sockets functionality.Can't you use map for those?
Squid transparent/intercept proxy needs to know the original destination address. With map (DNAT) it's only possible doing an IOCTL lookup on the NAT table. IPFilter: SIOCGNATL PF: DIOCNATLOOK Unfortunately, it's not implemented in NPF yet. -- Gergely EGERVARY