I don't see any ral0 NIC/network rules. But then, you're showing output from pfctl, not pf.conf.
I can tell two things from this pfctl output:
- You are not logging your nat rules, so you are missing seeing that activity.
- All rules, except the block all, are nfe0 specific. I dont' see any rules for ral0. Your block all should kick in, unless you are still running an unseen nat pass. I don't know if pfctl -sn shows nat pass, as I do not run it and cannot test it at the moment.