My pf works fine except my server cannot resolve. Yes I already checked my networking items and resolving works when pf is disabled. I know I'm missing a filtering rule.
Thanks in advance.
Code:
+tcp_services = "{ssh, sftp, imap, imaps, smtp, 587, pop3 \
+ domain, ntp, www, http, https}"
+udp_services= "{domain, ntp}"
+
+
+set skip on lo
+set loginterface $ext_if
+
+scrub in all random-id fragment reassemble
+
+block return in log all
+block out all
+
+antispoof quick for $ext_if
+
+
+pass out quick on $ext_if proto tcp to any port $tcp_services
+pass out quick on $ext_if proto udp to any port $udp_services
+
+pass in on $ext_if proto tcp from any to any port ssh flags S/SA synproxy state
+pass in on $ext_if proto tcp from any to any port smtp flags S/SA synproxy state
+pass in on $ext_if proto tcp from any to any port http flags S/SA synproxy state
+pass in on $ext_if proto tcp from any to any port https flags S/SA synproxy state
+pass in on $ext_if proto tcp from any to any port pop3 flags S/SA synproxy state
+pass in on $ext_if proto udp from any to any port domain
+pass in on $ext_if proto tcp from any to any port domain flags S/SA synproxy state