I'm trying to set up a debugging proxy using Squid, mainly to test our own client communications library against various proxy types (one possibility with our client is to connect to an external intercepting and filtering proxy service).
Our network setup looks like this:
[Client device/browser] -- [proxy, public IP only] -- [target websites, e.g. Google, Facebook, etc]
When testing out the setup, doing this from a Linux client works fine (since port 8991 is not set up with intercept):
$ curl --proxy http://<squidserverip>:8991 http://www.example.com/
This version, however, gives out an Access Denied error page from Squid (since port 8990 is set up with intercept):
$ curl --proxy http://<squidserverip>:8990 http://www.example.com/
On the Squid server, I see the following in cache.log:
2015/03/11 20:10:44 kid1| WARNING: Forwarding loop detected for:
GET / HTTP/1.1
User-Agent: curl/7.26.0
Host: www.example.com
Accept: */*
Via: 1.1 <servername> (squid/3.4.8)
X-Forwarded-For: <client-source-ip>
Cache-Control: max-age=259200
Connection: keep-alive
In these examples, I've obfuscated the actual requests (with placeholder names/titles), for security reasons.
My squid.conf currently looks like this (with commented lines and blank lines removed):
acl SSL_ports port 443
acl SSL_ports port 8443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 8443
acl CONNECT method CONNECT
acl SSL method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow localhost
http_access allow all
http_reply_access allow all
http_port 8990 intercept ssl-bump cert=/etc/squid3/certificate.pem generate-host-certificates=on
http_port 8991
https_port 8443 cert=/etc/squid3/certificate.pem key=/etc/squid3/certificate.pem ssl-bump intercept generate-host-certificates=on dynamic_cert_mem_cache_size=4MB options=ALL
ssl_bump none localhost
ssl_bump client-first all
sslproxy_flags DONT_VERIFY_PEER
sslproxy_cert_error allow all
sslcrtd_program /usr/lib/squid3/ssl_crtd -s /var/lib/ssl_db -M 4MB
sslcrtd_children 5
netdb_filename none
coredump_dir /var/spool/squid3
pinger_enable off
cache deny all
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
query_icmp off
always_direct allow all
never_direct allow all
Based on my searches via Google, I've come to the conclusion that the intercept functionality requires me to set up some custom routing with iptables, but none of the various configurations I've tried have given any results.
We seem to be able to connect to Squid from the client just fine (on all three ports, including SSL handshake for https_port), but I'm unable to successfully perform requests on the two ports that do the intercepting.
Any help would be appreciated, either with the correct iptables setup for our network configuration, or changes needed to squid.conf (or other config files on the server).
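Added example, not part of the question above and not the asker's configuration: an intercept port works differently from a plain forward-proxy port. Squid ignores the absolute URL in the request line on an `intercept` port and instead asks the kernel NAT table for the connection's original destination. When a client talks to 8990 directly with `--proxy`, there is no NAT entry, so the "original destination" is the proxy socket itself, Squid forwards the request to itself, sees its own `Via:` header, and logs "Forwarding loop detected". Intercept ports therefore only make sense when the proxy host is on-path (the clients' default gateway) and a local REDIRECT rule delivers port 80/443 traffic to them; they should never be handed to clients as explicit proxy addresses. The script below prints the iptables rules for that layout and includes a small check that lists which `http_port`/`https_port` lines in a squid.conf are intercept-only. The interface name, the proxy address, and the `SAMPLE_SQUID_CONF` text are constructed placeholders; the port numbers 8990 and 8443 are taken from the question.

```shell
#!/bin/sh
# Added example (not from the original question). Emits iptables rules that
# deliver client port 80/443 traffic to Squid's intercept ports via NAT and
# refuse direct connections to those ports. Assumptions (not in the post):
# the proxy box is the clients' default gateway, its LAN-facing interface is
# $LAN_IF, and its own address is $SQUID_IP (RFC 5737 documentation address).
LAN_IF="${LAN_IF:-eth0}"
SQUID_IP="${SQUID_IP:-192.0.2.10}"
HTTP_INTERCEPT_PORT=8990    # http_port 8990 intercept ssl-bump ... (from the post)
HTTPS_INTERCEPT_PORT=8443   # https_port 8443 ... ssl-bump intercept (from the post)

# Print the rules instead of applying them so they can be reviewed first;
# on the proxy host, apply with:  sh thisscript.sh | sh
intercept_rules() {
    cat <<EOF
# Divert client web traffic arriving on the LAN interface into Squid's
# intercept ports. Squid's own outbound connections leave via the OUTPUT
# chain, which is untouched, so they are not redirected back into Squid.
iptables -t nat -A PREROUTING -i $LAN_IF -p tcp --dport 80 -j REDIRECT --to-ports $HTTP_INTERCEPT_PORT
iptables -t nat -A PREROUTING -i $LAN_IF -p tcp --dport 443 -j REDIRECT --to-ports $HTTPS_INTERCEPT_PORT
# Drop packets addressed directly to the intercept ports. mangle PREROUTING
# runs before nat PREROUTING, so redirected packets (still dport 80/443 at
# this point) pass, while a client pointing --proxy at 8990/8443 is refused
# instead of producing a forwarding loop inside Squid.
iptables -t mangle -A PREROUTING -p tcp --dport $HTTP_INTERCEPT_PORT -j DROP
iptables -t mangle -A PREROUTING -p tcp --dport $HTTPS_INTERCEPT_PORT -j DROP
EOF
}

# List the ports of every http_port/https_port line that carries the
# "intercept" option; these are the ports clients must NOT be configured to
# use as an explicit proxy. Handles both "port" and "ip:port" forms.
intercept_ports_from_conf() {
    printf '%s\n' "$1" | awk '/^https?_port[ \t]/ && /intercept/ { sub(/^.*:/, "", $2); print $2 }'
}

# Constructed sample: the three listener lines from the question.
SAMPLE_SQUID_CONF='http_port 8990 intercept ssl-bump cert=/etc/squid3/certificate.pem generate-host-certificates=on
http_port 8991
https_port 8443 cert=/etc/squid3/certificate.pem key=/etc/squid3/certificate.pem ssl-bump intercept generate-host-certificates=on'

intercept_rules
echo "# intercept-only ports (never use with --proxy): $(intercept_ports_from_conf "$SAMPLE_SQUID_CONF" | tr '\n' ' ')"
```

With these rules in place, the explicit-proxy test stays on port 8991 (`curl --proxy http://<squidserverip>:8991 ...`), and the intercept ports are exercised by plain `curl http://www.example.com/` from a client whose default route goes through the proxy host. If the proxy host is not the clients' gateway (as the "public IP only" diagram suggests), no iptables rule on the proxy alone can make interception work; the traffic has to be routed through it first.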