22nd November 2017
jggimi

I have looked at the first rule set you attached.

Queueing: your "set queue" rules are pass rules, and are located among your queue rules, before the comment line: "#****** THIS IS WHERE THE RULES BEGIN ******". Queue settings are not sticky when used in pass rules, and unless quick is used with pass, the last matching rule wins. Without looking very far, I can see rules that will match the same traffic and override your earlier pass rules that set queue.

You might consider using match rules to set queues, or, use the quick option.

Blocked traffic: Your general block rule is on inbound traffic. No outbound traffic is blocked except for IGMP. Did you enable the packet forwarding sysctl? If no, this is the root cause. If yes, then either simplify your rule set, or enable logging on each rule and use tcpdump(8).
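The queueing behaviour described in the post above, shown as an added pf.conf fragment that is not part of the original post or of the attached rule set. The interface name (em0), queue names, bandwidths and port are assumptions chosen for illustration, and OpenBSD's current queue syntax is assumed.

```pf
# Constructed example: interface, queue names and bandwidths are assumptions.
queue rootq on em0 bandwidth 100M
queue std   parent rootq bandwidth 80M default
queue ssh   parent rootq bandwidth 20M

# --- Problem: queue assigned in an early pass rule -------------------
# Both rules match outbound SSH. Without "quick", the last matching
# rule decides, and it carries no "set queue", so SSH traffic ends up
# in the default queue (std) instead of ssh.
pass out on em0 proto tcp to port 22 set queue ssh
pass out on em0

# --- Option 1: assign the queue with a match rule --------------------
# Parameters on a match rule are applied for every rule the packet
# matches, so the queue assignment survives the later, broader pass.
match out on em0 proto tcp to port 22 set queue ssh
pass  out on em0

# --- Option 2: stop evaluation with quick ----------------------------
# "quick" makes this the deciding rule for matching packets, so no
# later rule can replace its queue assignment.
pass out quick on em0 proto tcp to port 22 set queue ssh
pass out on em0
```

The three sections are alternatives to compare, not one rule set to load together; `pfctl -nf /etc/pf.conf` parses a file without loading it, and `pfctl -vsq` shows per-queue counters to confirm where traffic lands.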