Networking's not really my thing, but why are you talking about pf here? Don't you just have to let the kernel forward packets using normal routing? i.e. turn on some sysctrl to allow ip forwarding. Okay, let me look that up:
net.inet.ip.forwarding.
I'd disable pf while you're trying to get this going, then turn it back on when you have packets moving, you know, to remove complicating factors.