Your list of destination ports to pass might be too restrictive. For example:
Code:
# WiFi -> LAN
pass in on $WIFI_IF inet proto icmp from $WIFI to $LAN icmp-type $ICMP_TYPE tag WIFI_LAN
pass in on $WIFI_IF inet proto udp from $WIFI port $PORT_UNPRIV to $LAN port 33433 >< 33626 tag WIFI_LAN
Whether or not this is the problem, if you add the log option to your block rules, you should be able to determine why your desired traffic is not matching your pass rules by using tcpdump(8) with pflog(4).