...never mind. I found the problem!
Correct rules should be with "tagged" at the end of the line:
Code:
# Tag roper -> inet
block out on $ext_if from $my_ip tag ROPER_to_INET
# Allow roper -> inet DNS
pass quick proto udp to $dns_ip port domain tagged ROPER_to_INET
# Allow roper -> inet NTP
pass quick proto udp to $ntp_ip port ntp tagged ROPER_to_INET
# Allow roper -> inet pkg_add
pass quick proto tcp to $pkg_ip tagged ROPER_to_INET
By the way...is it a bad idea to go with policy based rules instead of "the normal way"? It looks like few users write the rules as a policys, so perhaps im wasting my time trying it out.
/Quaxo