We have the following BM setup:

- 2 NIC in the BM server (private, public IP).
- HTTP proxy configured on the BM server, and LAN machines can only go out through the proxy.

I have to enable 1 single machine to go out without the proxy. Which src/dst inerfaces and ports should I have to define in the filter exceptions? I guess I need 2 rules, one for outgoing, and one for the reply, right?