How to redirect pptpd traffic through squid?
Hello! I have not been able to figure this out for a few days, please help.
There is a VPN server (pptpd, ppp0 IP 192.168.5.1) on Ubuntu, running on a DigitalOcean virtual server. Devices to which I do not have access are connected to the server.
There was a need to block sites and IPs that appear in Roskomnadzor's register of prohibited sites.
I realized that this can be done using Squid3. PHP was installed and a script was added that downloads the list of blocked URLs and IPs from the Roskomsvoboda website (script from here). Lines from there were also added to the squid3 settings.
I understand that in order for squid to start filtering traffic, you need to redirect all pptpd traffic through it. How do I do it? None of the solutions from the internet worked.
As I also understand it, squid cannot block https. How do I set up blocking of encrypted traffic? I tried the solution from here, it didn't work (probably because squid "doesn't see" the traffic).
Contents of the squid3 configuration from here + added lines from articles about blocking:
# Explicit proxy port (for clients configured to use the proxy directly).
http_port 8085
# Port for HTTP connections redirected here by iptables (REDIRECT --to-ports 3129).
# Squid only handles NATed connections correctly on a port flagged "intercept"
# (spelled "transparent" before Squid 3.2); redirecting into a plain http_port
# produces "Invalid Request" / forwarding-loop errors, which is why the usual
# redirect recipes appear not to work.
http_port 3129 intercept
icp_port 0
cache_mem 256 MB
memory_replacement_policy lru
maximum_object_size_in_memory 512 KB
cache_swap_low 90
cache_swap_high 95
access_log /var/log/squid3/access.log squid
logfile_rotate 12
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
dns_nameservers 8.8.8.8 8.8.4.4
positive_dns_ttl 6 hours
negative_dns_ttl 1 minutes
#auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid3/passwords
#auth_param basic children 5
#auth_param basic realm Please provide your username and password.
#auth_param basic credentialsttl 24 hour
#acl ncsa_users proxy_auth REQUIRED
# Blocked URL patterns downloaded by the Roskomsvoboda script, one regex per line.
acl block_rkn url_regex -i "/etc/squid3/rks_urls.acl"
acl localnet src 10.0.0.0/8 # RFC 1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC 1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC 1918 possible internal network (pptpd clients behind ppp0 192.168.5.1)
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443 # https
acl SSL_ports port 22 # ssh
acl CONNECT method CONNECT
# Rule order matters: the first matching http_access line wins.
# The previous order ("allow localnet", then "allow All_ports" for 1-65535, then
# the CONNECT rule) never reached the CONNECT rule, and "allow All_ports" matched
# every request from any source, so port 8085 was an open proxy for anyone able
# to reach it on the droplet's public address. The unused All_ports acl is gone.
http_access deny block_rkn
http_access deny CONNECT !SSL_ports
http_access allow localnet
#http_access allow ncsa_users
http_access deny all
coredump_dir /var/spool/squid3
request_header_access Cache-Control deny all
# HTTPS interception. "server-first" needs Squid 3.3 or later; "intercept" is the
# 3.2+ spelling of "transparent". This directive must be on a single line.
# A listener bound to 127.0.0.1 never receives connections redirected from ppp0,
# because REDIRECT targets the interface's own address (192.168.5.1), so bind on
# all addresses. The cert, key and IP-list paths are under /etc/squid/ while the
# rest of this config uses /etc/squid3/; the files have to exist at these paths.
https_port 3130 intercept ssl-bump generate-host-certificates=on cert=/etc/squid/ssl/squid.pem key=/etc/squid/ssl/squid.key
acl badips dst "/etc/squid/rks_ips.acl"
# Decrypt (bump) only connections to listed IPs so their URLs pass through
# http_access; every other TLS connection is tunnelled untouched. Bumped clients
# must trust the CA in squid.pem, otherwise they get certificate errors.
ssl_bump server-first badips
ssl_bump none all
transparent proxy, dig in this direction.
And yes, you won't block https
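The "transparent proxy" direction from the answer, worked through as an added example (this script is not from the question, the answer or the Squid project). It assumes Squid has an intercept listener, `http_port 3129 intercept`, that pptpd clients arrive on interfaces matching `ppp+`, and that the IP list fetched by the Roskomsvoboda script is one IPv4 address or CIDR per line at /etc/squid/rks_ips.acl (the path used in the posted config). Plain HTTP on port 80 is REDIRECTed into Squid, which applies the URL list; HTTPS cannot be filtered by URL without bumping, and bumping breaks certificate validation on devices you do not control, so the IP list is loaded into an ipset and matched in the FORWARD chain, which blocks HTTPS (and any other protocol) to those addresses. The port, ipset name and function names are the example's own assumptions.

```shell
#!/bin/sh
# Added example, not code from the original post: redirect plaintext HTTP from
# pptpd clients (interfaces ppp+) into a Squid intercept port and block the IP
# list for every other protocol (HTTPS included) with an ipset in FORWARD.
# Assumptions: squid.conf has "http_port 3129 intercept"; the list file holds one
# IPv4 address or CIDR per line, "#" starts a comment. Names below are ours.

SQUID_INTERCEPT_PORT=3129
VPN_IF='ppp+'
IPSET_NAME=rkn_block

# valid_ipv4_cidr A.B.C.D[/N] -> returns 0 if well formed, 1 otherwise.
valid_ipv4_cidr() {
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    addr=${1%/*}
    if [ "$addr" = "$1" ]; then prefix=32; else prefix=${1##*/}; fi
    case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    oldIFS=$IFS; IFS=.; set -- $addr; IFS=$oldIFS
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    return 0
}

# build_ipset_restore LISTFILE -> prints "ipset restore" input on stdout.
# Blank lines and comments are skipped; malformed entries are reported on stderr
# and make the function return 1, but the valid entries are still emitted, so a
# single bad line in the downloaded list does not leave the set empty.
build_ipset_restore() {
    list_file=$1
    bad=0
    printf 'create %s hash:net -exist\n' "$IPSET_NAME"
    printf 'flush %s\n' "$IPSET_NAME"
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}
        line=$(printf '%s' "$line" | tr -d ' \t\r')
        [ -n "$line" ] || continue
        if valid_ipv4_cidr "$line"; then
            printf 'add %s %s -exist\n' "$IPSET_NAME" "$line"
        else
            printf 'skipping malformed entry: %s\n' "$line" >&2
            bad=1
        fi
    done < "$list_file"
    return $bad
}

# print_rules -> the firewall commands, for review before applying them.
# Port-80 flows are NATed to the local Squid (INPUT path), so they are filtered
# by URL there and never reach the FORWARD rules below.
print_rules() {
    cat <<EOF
# squid.conf must contain: http_port $SQUID_INTERCEPT_PORT intercept
iptables -t nat -A PREROUTING -i $VPN_IF -p tcp --dport 80 -j REDIRECT --to-ports $SQUID_INTERCEPT_PORT
# TCP to a listed address (HTTPS etc.) gets a reset so clients fail fast
iptables -A FORWARD -i $VPN_IF -p tcp -m set --match-set $IPSET_NAME dst -j REJECT --reject-with tcp-reset
# anything else to a listed address is dropped
iptables -A FORWARD -i $VPN_IF -m set --match-set $IPSET_NAME dst -j DROP
EOF
}

# apply_rules LISTFILE -> load the ipset and install the rules (root required).
apply_rules() {
    [ "$(id -u)" -eq 0 ] || { echo 'run as root' >&2; return 1; }
    build_ipset_restore "$1" | ipset restore || return 1
    print_rules | sh
}

case ${1:-} in
    apply) apply_rules "${2:-/etc/squid/rks_ips.acl}" ;;
    print) print_rules ;;
esac
```

`sh block.sh print` shows the rules; `sh block.sh apply` loads the set and installs them (they are not persistent across reboots, so hook the script into the PHP list-update job or an init script). The IP-level block is only as good as the list: entries that are URLs without an address are not caught over HTTPS, and addresses shared by a CDN over-block everything else hosted there.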