Example 12. You want to redirect all local www connection requests EXCEPT those to your own http server (18.104.22.168) to a Squid transparent proxy running on the firewall and listening on port 3128. Squid will of course require access to remote web servers. This example shows yet another use for the ORIGINAL DEST column; here, connection requests that were NOT (notice the “!”) originally destined to 22.214.171.124 are redirected to local port 3128.
#ACTION SOURCE DEST PROTO DEST PORT(S) SOURCE ORIGINAL
# PORT(S) DEST
REDIRECT loc 3128 tcp www - !126.96.36.199
ACCEPT fw net tcp www
so, seems to me you could edit that to work for your situation, with something like
REDIRECT net 443 tcp 22 -
Worth a shot?