Your first rule blocks all traffic on your internal interface. Your second rule passes inbound traffic on that interface if it is TCP and has a destination port of 80 or 443.
Problems I see:
- Your third rule appears to me to be on the wrong interface. I expect you want your proxy server to reach out to web servers via your external interface.
- You are missing a rule to pass domain name resolution traffic between your clients on the internal interface and whatever domain name server(s) they must reach.
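An added example, not part of the original answer or the asker's ruleset: a small rule evaluator that replays the two problems listed above. It assumes last-match-wins evaluation (which the block-then-pass ordering described suggests), hypothetical interface names `int0` and `ext0`, a guessed form for the third rule, and a DNS rule covering only the internal-interface side.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                       # "block" or "pass"
    iface: str
    direction: Optional[str] = None   # "in", "out", or None for both
    protos: Optional[tuple] = None    # None means any protocol
    dports: Optional[tuple] = None    # None means any destination port

@dataclass(frozen=True)
class Packet:
    iface: str
    direction: str
    proto: str
    dport: int

def matches(rule, pkt):
    return (rule.iface == pkt.iface
            and rule.direction in (None, pkt.direction)
            and (rule.protos is None or pkt.proto in rule.protos)
            and (rule.dports is None or pkt.dport in rule.dports))

def evaluate(rules, pkt):
    """Return (action, 1-based rule number) of the LAST matching rule,
    or (None, None) when no rule mentions this packet at all."""
    verdict = (None, None)
    for number, rule in enumerate(rules, 1):
        if matches(rule, pkt):
            verdict = (rule.action, number)
    return verdict

INT, EXT = "int0", "ext0"             # hypothetical interface names
WEB = (80, 443)

AS_DESCRIBED = [
    Rule("block", INT),                          # rule 1: block everything on internal
    Rule("pass", INT, "in", ("tcp",), WEB),      # rule 2: clients -> proxy
    Rule("pass", INT, "out", ("tcp",), WEB),     # rule 3 (assumed form): wrong interface
]
CORRECTED = [
    Rule("block", INT),
    Rule("pass", INT, "in", ("tcp",), WEB),
    Rule("pass", EXT, "out", ("tcp",), WEB),         # proxy -> web servers, external side
    Rule("pass", INT, "in", ("udp", "tcp"), (53,)),  # client DNS queries
]

# Constructed sample packets
client_web = Packet(INT, "in", "tcp", 443)
client_dns = Packet(INT, "in", "udp", 53)
proxy_out = Packet(EXT, "out", "tcp", 443)
```

With `AS_DESCRIBED`, `client_dns` falls through to the block in rule 1 and `proxy_out` is not matched by any rule; with `CORRECTED`, each packet is passed by a rule written for it.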