OK, "tcpdump -neti pflog0 action pass" shows my connection from a remote location, but nothing under block. Which is good? I have no other problems passing out data with my current config.
Code:
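# Macros: interfaces, web server address, allowed ICMP types, TCP state options
ext_if="em0"
int_if="re0"
wifi_if="ral0"
server="{ 192.168.0.10 }"
icmp_types="echoreq"
tcp_flags="flags S/SA keep state"
# Table filled by the overload option on the ssh rule below
table <abusers> persist
# Options and normalization
set require-order no
set skip on lo
scrub in all
# Translation: NAT outbound traffic; redirect inbound port 80 to the server.
# "rdr pass" passes matching packets without evaluating the filter rules.
nat on $ext_if from !($ext_if) -> ($ext_if:0)
rdr pass on $ext_if proto { tcp udp } from any to any port 80 -> $server port 80
# Filtering: default deny, then drop anything from the abusers table
block drop all
block in quick from <abusers>
# Outbound traffic on the external interface
pass out on $ext_if proto tcp flags S/SA keep state
pass out on $ext_if proto { udp,icmp } keep state
# Inbound: ICMP echo requests, web server, rate-limited ssh on the wifi interface
pass in quick inet proto icmp all icmp-type $icmp_types keep state
pass in quick on $ext_if proto { tcp udp } from any to $server port 80 flags S/SA synproxy state
pass in quick on $wifi_if proto tcp to ($wifi_if) port ssh $tcp_flags (max-src-conn 8, max-src-conn-rate 15/5, overload <abusers> flush global)
# Pass everything on loopback and the internal interfaces
pass quick on { lo, $int_if, $wifi_if }
antispoof quick for { lo, $int_if, $ext_if, $wifi_if }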