#6
28th February 2013
J65nko
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,131

If I were you, I would first reorganize the pf.conf. Order the rules nicely by interface and direction. Add quick if you want to defeat pf's "the last matching rule wins" strategy.

For the internal interface this would look like this:
Code:
# ----- INTERNAL INTERFACE in
# quick: stop evaluating further rules once this one matches;
# rdr-to: redirect matching HTTP traffic to the local proxy on port 5000
pass in quick on em1 inet proto tcp from 192.168.1.0/24 to "my external ip" port = 80 flags S/SA rdr-to 127.0.0.1 port 5000

# ----- INTERNAL INTERFACE out
pass out quick on $int_if all
Also run tcpdump on the pflog0 device to check whether any rule blocks the HTTP traffic.
From another xterm, run tcpdump on the internal interface to see the proxied packets (port 80).
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
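The pflog0 check suggested in the post, as an added example that is not part of the original post: a small POSIX sh/awk helper that reads OpenBSD-style `tcpdump -n -e -ttt` output from pflog0 and reports which pf rule numbers blocked packets to a given port, so you know which line of pf.conf (the numbers match `pfctl -vvsr`) to look at. The sample log lines are constructed for the demo.

```shell
#!/bin/sh
# Added example, not from the original post. Parses tcpdump output from
# pflog0 (OpenBSD format, e.g. "tcpdump -n -e -ttt -i pflog0") and counts
# blocked packets per pf rule for one destination port.

# Constructed sample of pflog0 output: two rules block HTTP, one blocks HTTPS.
PFLOG_SAMPLE='Feb 28 10:00:01.000001 rule 0/(match) pass in on em1: 192.168.1.10.51000 > 192.168.1.1.22: S 1:1(0) win 16384
Feb 28 10:00:02.000002 rule 3/(match) block in on em1: 192.168.1.10.51001 > 203.0.113.5.80: S 2:2(0) win 16384
Feb 28 10:00:03.000003 rule 3/(match) block in on em1: 192.168.1.11.51002 > 203.0.113.5.80: S 3:3(0) win 16384
Feb 28 10:00:04.000004 rule 7/(match) block out on em0: 10.0.0.1.51003 > 198.51.100.9.443: S 4:4(0) win 16384
Feb 28 10:00:05.000005 rule 5/(match) block in on em1: 192.168.1.12.51004 > 203.0.113.5.80: S 5:5(0) win 16384'

# blocked_rules PORT  < pflog lines on stdin
# Prints "RULE COUNT" per rule that blocked packets whose destination port is PORT.
blocked_rules() {
    port="$1"
    awk -v port="$port" '
        / block / {
            # layout: <timestamp> rule N/(match) block DIR on IF: SRC > DST: ...
            for (i = 1; i <= NF; i++) if ($i == "rule") rule = $(i + 1)
            sub(/\/.*/, "", rule)          # "3/(match)" -> "3"
            for (i = 1; i <= NF; i++) if ($i == ">") dst = $(i + 1)
            sub(/:$/, "", dst)             # drop the trailing colon
            n = split(dst, a, ".")         # last dotted field is the port
            if (a[n] == port) count[rule]++
        }
        END { for (r in count) print r, count[r] }' | sort -n
}

# Demo on the constructed sample: expect "3 2" and "5 1" for port 80.
printf '%s\n' "$PFLOG_SAMPLE" | blocked_rules 80
```

On a live box, feed it a saved capture rather than a running tcpdump, e.g. `tcpdump -n -e -ttt -r /var/log/pflog | blocked_rules 80`, since awk only prints at end of input.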