junkym do me a favor and try this rule. Let me know if you end up with an open Xbox One NAT. Took me awhile to figure this out with the help of tcpdump. This is the only rule I have for my Xbox One. Just make sure you don't restrict outbound access.
Code:
pass in quick on $WAN proto udp from any port 3544 to ($WAN) port 3074 rdr-to $XB1 port 3074
Get rid of any other 3544 or 3074 port rules you have otherwise they will conflict.