no reason to get nuts, sometimes machines don't act like we expect them to do.
(or in my case often they don't do)
If you want to define 1 machine to be not filtered, please define a host in "firewall objects". Give it a name and the correct IP. Then got to "Web proxy" and select "hosts without proxy" and select the host you created before. Same thing with IP-range, Hostgroups or CDIRs.
BTW: with proxy mode do you use? With transparent only you can only filter http, no https. Facebook for example uses https. To filter this select transparent with SSL and install the certificate on the client.